How do I troubleshoot insufficient IP address errors that occur during scaling activity in my Amazon VPC?
I want to troubleshoot insufficient IP address errors that occur during scaling activity in my Amazon Virtual Private Cloud (Amazon VPC).
Short description
If the number of requested IP addresses exceeds the number of available IP addresses in a subnet, then the following error messages might appear:
- errorCode: Client.InvalidParameterValue; errorMessage: "There aren't sufficient free Ipv4 addresses or prefixes"
- errorCode: InvalidParameterException; errorMessage: "There aren't sufficient free Ipv4 addresses or prefixes"
To troubleshoot scaling activity errors that are related to insufficient IP addresses, complete the following tasks:
- Check for available IP addresses.
- Identify resources that use IP addresses.
- View and remove subnet CIDR reservations.
- View and remove Ipv4 or Ipv6 prefix that are assigned to elastic network interfaces.
- Identify IP address assignment events.
Resolution
Note: If you receive errors when you run AWS Command Line Interface (AWS CLI) commands, then see Troubleshoot AWS CLI errors. Also, make sure that you're using the most recent AWS CLI version.
Check for available IP addresses
Note: The first four IP addresses and the last IP address in each subnet CIDR block aren't available and can't be assigned to a resource.
To check for available IP addresses, use either the AWS Management Console or the AWS CLI.
AWS Management Console
Complete the following steps:
- Open the AWS Management Console.
- Navigate to Amazon VPC services, and then choose Subnets.
- On the Subnet page, choose Preferences.
- Turn on Available IPv4 Address.
AWS CLI
Run the describe-subnets command to check for available IP addresses:
Note: Replace example-subnet-id with your subnet ID.
aws ec2 describe-subnets --subnet-ids example-subnet-id
Identify resources that use IP addresses
To identify resources that use IP addresses for the subnet, use either the Amazon Elastic Compute Cloud (Amazon EC2) console or the AWS CLI.
Amazon EC2 console
Complete the following steps:
- Open the Amazon EC2 console.
- Navigate to Network interfaces, and then enter the subnet in the search box.
- Count the primary and secondary IP addresses that are assigned to network interfaces.
- View Description to identify the services that use IP addresses.
AWS CLI
Run the following describe-network-interfaces commands.
View all the resources that run on a subnet:
Note: Replace example-subnet-id with the ID of your subnet.
aws ec2 describe-network-interfaces --filters Name=subnet-id,Values=example-subnet-id
View the number of IP addresses that are on your subnet:
Note: Replace example-subnet-id with the ID of your subnet.
aws ec2 describe-network-interfaces --filters Name=subnet-id,Values=example-subnet-id | jq -r '.NetworkInterfaces[].PrivateIpAddresses[].PrivateIpAddress' | wc -l
View IP address that aren't attached to an network interface:
aws ec2 describe-network-interfaces --filters Name=subnet-id,Values=example-subnet-id
View and remove subnet CIDR reservations
To view and remove subnet CIDR reservations, use either the Amazon VPC console or the AWS CLI.
Amazon VPC console
Complete the following steps:
- Open the Amazon VPC console.
- Navigate to Amazon VPC resources, choose Subnets, and then select the subnet.
- From to the CIDR reservations tab, choose Actions, and then choose Modify CIDR reservations.
- Choose Remove.
AWS CLI
Run the following get-subnet-cidr-reservations commands.
View subnet CIDR reservations:
Note: Replace example-subnet-id with your subnet ID.
aws ec2 get-subnet-cidr-reservations --subnet-id example-subnet-id
Remove subnet CIDR reservations:
Note: Replace example-cidr-reservation-id with the CIDR reservation ID.
aws ec2 delete-subnet-cidr-reservation --subnet-cidr-reservation-id example-cidr-reservation-id
View and remove Ipv4 or Ipv6 CIDR that are assigned to network interfaces
To view and remove Ipv4 or Ipv6 prefixes, use either the Amazon VPC console or AWS CLI.
Amazon VPC console
Complete the following steps:
- Open the Amazon VPC console.
- Navigate to Network interfaces, and then enter your subnet in the search box.
- Check the Ipv4 or Ipv6 Prefix column to see if a CIDR is assigned.
- For Preferences, turn on the parameter.
- To remove the assigned prefixes, choose a network interface ID.
- Choose Actions.
- For Manage prefixes, choose Unassign.
AWS CLI
Run the describe-network-interfaces and unassign-private-ip-addresses commands:
View assigned prefixes:
aws ec2 describe-network-interfaces
Remove assigned prefixes:
aws ec2 unassign-private-ip-addresses network-interface-id "EniID-example" ipv4-prefixes "prefixexample"
Identify IP address assignment events
To identify assigned IP addresses, complete the following steps in the AWS CloudTrail console:
- Open the CloudTrail console.
- Navigate to your CloudTrail event history.
- For Lookup attributes, choose Event name with the AssignPrivateIpAddresses API event name. You can also use the following API event names:
CreateNetworkInterface
RunInstances
AttachNetworkInterface
AssignPrivateIpAddresses - View the username, time, and resources that are assigned to the API and the associated network interface.
Note: Or, use an attribute such as, Resource name, and add your subnet ID to look up subnet-specific API calls. This action might not show all the APIs that use the subnet's private IP address.
Related information
Relevant content
- Accepted Answerasked 3 months ago
- asked 3 months ago
- Accepted Answerasked 2 years ago
- asked 4 years ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 3 months ago
- AWS OFFICIALUpdated 7 months ago
