By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Public ip address connectivity in AWS

0

Hello, I'm very new to AWS and this seems to be very basic question, but I can't find the answer so here you go.

It seems whenever my instance get assigned a public ip (either dynamic public ip or elastic public ip, associated to instance or to the interface) I don't see that public ip assigned to an interface and traffic from the internet to that public ip always being delivered to my instance private ip. It seems that whenever my instance is assigned a public ip address what actually happens is somewhere inside AWS a static one-to-one NAT mapping is set up for that public ip address to the private ip address on the instance, which means there's always one-to-one NAT between instance and the internet.

So I have 2 questions: is my understanding correct and if so, if there's a way to avoid NAT and have a public ip assigned directly to an instance.

Thanks,

Topics
Networking & Content DeliveryCompute
Tags
Amazon VPCAmazon EC2Networking & Content Delivery
Language
English
AWS-User-3394524
asked 2 years ago1519 views
2 Answers
2
  1. Yes, you are correct. The Internet Gateway does the NATing between the Public and Private IPs.
  2. Yes, it is possible to use a Public CIDR range for the VPC but you still will need an Internet Gateway.

See: Modify the IP addressing behavior of your subnets

"... however, you can use publicly routable CIDR blocks for your VPC. Regardless of the IP address range of your VPC, we do not support direct access to the internet from your VPC's CIDR block, including a publicly-routable CIDR block. You must set up internet access through a gateway; for example..."

profile pictureAWS
EXPERT
kentrad
answered 2 years ago
1

Thank you for clarifying it. I must say it wasn't clear at all and is also a big surprise coming from the world of linode and digital ocean where each VM just gets public ip. Anyway this leads to another question if you don't mind. Is there a way for me to get this public CIDR range from amazon? I mean short of bringing my own routable space to AWS? I don't mind the gateway between instance and the internet, but I do mind the NAT. The protocol I'm dealing with - SIP - doesn't cope well with address mangling. In other words my project requires me to have direct (meaning no NAT, routing gateway is OK) connectivity. How can I do it with AWS? Thanks

AWS-User-3394524
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content