
How to resolve hostname of AWS EC2


I am trying to access a service in an AWS EC2 I installed. It showed an error:

do not know what is ip-10-124-123-122

How to resolve the private hostname of the EC2: ip-10-124-123-122?

These two links show I can change the hostname from ip-10-124-123-122 to the domain name of the EC2:

  1. Set enableDnsHostnames and enableDnsSupport to true in the VPC: Using DNS with Your VPC - Amazon Virtual Private Cloud

  2. Change the hostname from ip-10-124-123-122 to domainname: Changing the Hostname of Your Linux Instance - Amazon Elastic Compute Cloud

Note: I do have a domain name for the web server on the EC2 (port 80), but it has nothing to do with the hostname of the EC2, because I created the domain name this way:

https://domainname->route53->ALB:443->targetgroup->EC2 port 80. 

Note: the EC2 is in a non-default VPC and the VPC already has DNS resolution and DNS hostnames enabled.

If I type nslookup ip-10-X-X-X.region.compute.internal on an EC2 in the same subnet as that EC2, I can see the IP, but the IP of that EC2 is not resolved.

If I type nslookup ip-10-X-X-X.region.compute.internal in my machine where I try to access the service;

Note: if I run nslookup ip-10-124-123-122, the EC2 does not get resolved. Maybe this is the reason?

Are the above steps enough to resolve the hostname of the EC2? If not, how do I resolve the error: do not know what is ip-10-124-123-122?


Solution

  • Each Amazon EC2 instance has a Public DNS Name and a Private DNS Name.

    The Public DNS Name will look something like this:

    ec2-54-252-207-11.ap-southeast-2.compute.amazonaws.com
    

    This can be resolved on the Internet. It will actually be resolved to 54.252.207.11 as suggested by the name.

    The Private DNS Name will look something like this:

    ip-172-31-10-201.ap-southeast-2.compute.internal
    

    It will be resolved to 172.31.10.201.

    The private DNS Name can only be resolved within the VPC where it exists. This is because the IP address only makes sense within that private network.

    From a computer on the Internet, I can resolve the public address:

    $ nslookup ec2-54-252-207-77.ap-southeast-2.compute.amazonaws.com
    Server:     192.168.1.1
    Address:    192.168.1.1#53
    
    Non-authoritative answer:
    Name:   ec2-54-252-207-77.ap-southeast-2.compute.amazonaws.com
    Address: 54.252.207.77
    

    From an Amazon EC2 instance within the same VPC, I can resolve the internal IP address:

    $ nslookup ip-172-31-10-201.ap-southeast-2.compute.internal
    Server:     172.31.0.2
    Address:    172.31.0.2#53
    
    Non-authoritative answer:
    Name:   ip-172-31-10-201.ap-southeast-2.compute.internal
    Address: 172.31.10.201
    

    Bottom line: It appears you are not using the full DNS Name, which is why it is not working for you. This is like trying to resolve facebook instead of facebook.com. It will not work. (Well, it will if you define a default network search domain, but that's not really suitable here.)
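
An added example, not part of the answer above: a Python helper that tells apart the three name shapes discussed (short private label, full private DNS name, public DNS name), recovers the IP encoded in the name, and reports where the name can be resolved. The function names, the `region` parameter and the result keys are assumptions for illustration; the helper also accepts the us-east-1 suffixes (`ec2.internal`, `compute-1.amazonaws.com`), which go beyond the names shown on this page.

```python
import ipaddress
import re

# Name shapes from the answer above, plus the us-east-1 variants
# (ec2.internal and compute-1.amazonaws.com).
PRIVATE = re.compile(
    r"^ip-(\d+)-(\d+)-(\d+)-(\d+)"
    r"(\.ec2\.internal|\.[a-z0-9-]+\.compute\.internal)?$")
PUBLIC = re.compile(
    r"^ec2-(\d+)-(\d+)-(\d+)-(\d+)"
    r"\.(?:compute-1|[a-z0-9-]+\.compute)\.amazonaws\.com$")


def private_suffix(region):
    """DNS suffix the VPC resolver serves for private names in a region."""
    return "ec2.internal" if region == "us-east-1" else f"{region}.compute.internal"


def classify(name, region=None):
    """Classify an EC2 host name and say where it can be resolved.

    `region` is only used to build the full name for a short ip-a-b-c-d label.
    """
    host = name.strip().rstrip(".").lower()
    result = {"kind": "unknown", "ip": None, "fqdn": None, "scope": None}
    m = PRIVATE.match(host) or PUBLIC.match(host)
    if not m:
        return result
    try:
        ip = ipaddress.ip_address(".".join(m.group(1, 2, 3, 4)))
    except ValueError:          # e.g. ip-999-1-1-1: octet out of range
        return result
    result["ip"] = str(ip)
    if host.startswith("ec2-"):
        result.update(kind="public-fqdn", fqdn=host, scope="internet")
    elif m.group(5):
        result.update(kind="private-fqdn", fqdn=host, scope="vpc")
    else:
        # Short label: resolvable only with a search domain or the full name.
        result.update(kind="private-short", scope="vpc")
        if region:
            result["fqdn"] = f"{host}.{private_suffix(region)}"
    return result


if __name__ == "__main__":
    for sample in ("ip-10-124-123-122",     # short name from the question
                   "ip-172-31-10-201.ap-southeast-2.compute.internal",
                   "ec2-54-252-207-77.ap-southeast-2.compute.amazonaws.com"):
        print(sample, "->", classify(sample, region="ap-southeast-2"))
```

A `private-short` result is the case from the question: the label has to be expanded to the `fqdn` value (or covered by a search domain) and queried from inside the VPC.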