What's the source IP address of the traffic that Elastic Load Balancing sends to my web servers?

3 minute read
1

I use Elastic Load Balancing for my web servers. I want to know the IP address that the load balancer uses to forward traffic to my web servers.

Short description

Resolve the DNS name of the load balancer to determine the IP addresses that are associated with an internal or an internet-facing load balancer. These are the IP addresses where the clients send the requests that are destined for the load balancer. ELB nodes use the private IP addresses that are associated with their elastic network interfaces as the source IP address for forwarded requests to your servers. For Network Load Balancers, the source IP address of these requests depends on the configuration of their target group.

You can use these IP addresses for multiple purposes, such as to allow the load balancer traffic on the web servers and for request processing. It's a best practice to use security group referencing on the web server's security group inbound rules. This allows load balancer traffic from Classic Load Balancers or Application Load Balancers. However, Network Load Balancers don't support security groups and must be based on the target group configurations. The client IP addresses or the private IP addresses that are associated with the Network Load Balancers must be allowed on the web server's security group.

Use the following options to find private IP addresses that are associated with load balancer elastic network interfaces:

  • The AWS Management Console
  • The AWS Command Line Interface (AWS CLI)

Resolution

The IP addresses for Classic Load Balancers and Application Load Balancers change over time. Don't use this information to statically configure your applications to point to these IP addresses.

Note: If you receive errors when running AWS CLI commands, make sure that you're using the most recent AWS CLI version.

AWS Management Console

  1. Open the Amazon Elastic Compute Cloud (Amazon EC2) console.
  2. In the navigation pane, under Load Balancing, choose Load Balancers.
  3. Under Load balancers, copy the name of the load balancer that you want to find the IP addresses for.
  4. In the navigation pane, under Network & Security, choose Network Interfaces.
  5. Paste the load balancer name that you copied in to the search box. The filtered results show all elastic network interfaces that are associated with the load balancer. You can find the primary private IP address of each elastic network interface in the Primary private IPv4 IP column.

AWS CLI

Run the following command:

aws ec2 describe-network-interfaces --filters Name=description,Values="ELB elb-name" --query 'NetworkInterfaces[*].PrivateIpAddresses[*].PrivateIpAddress' --output text

Replace elb-name with one of the following options:

  • For Classic Load Balancers: Name of the load balancer
  • For Application Load Balancers: app/load-balancer-name/load-balancer-id
  • For Network Load Balancers: net/load-balancer-name/load-balancer-id

For Application Load Balancers and Network Load Balancers, run the following command to find the load-balancer-id:

aws elbv2 describe-load-balancers --names load-balancer-name

The load-balancer-id is the last field of characters that follows the trailing slash after the load balancer's name in the ARN.

AWS OFFICIAL
AWS OFFICIALUpdated 8 months ago
6 Comments

I can see 3 network interfaces. That means, I've 3 public IP addresses?

replied 10 months ago

Thank you for your comment. We'll review and update the Knowledge Center article as needed.

profile pictureAWS
MODERATOR
replied 10 months ago

My ALB has no addresses in

aws elbv2 describe-load-balancers --names load-balancer-name

But it has several network interfaces. So this provided last command doesn't work as expected

Misha
replied 9 months ago

Thank you for your comment. We'll review and update the Knowledge Center article as needed.

profile pictureAWS
MODERATOR
replied 9 months ago

Hello,

Thank you for this article. I tried the below command and I received 0 IPs associated with my ALB.

Is this normal?

aws ec2 describe-network-interfaces --filters Name=description,Values="ELB elb-name" --query 'NetworkInterfaces[].PrivateIpAddresses[].PrivateIpAddress' --output text

AVA
replied 18 days ago

Thank you for your comment. We'll review and update the Knowledge Center article as needed.

profile pictureAWS
MODERATOR
replied 18 days ago