EC2 virutal interface

Hello,

Thank you for querying in this forum.

From the descriptions, I understand that you have implemented an overlay network by creating virtual IPs within EC2 instances, which are not visible or managed directly by AWS and can be viewed only by customers from within the instance. In AWS, to enable communication between EC2 instances in the same subnet, we can typically use Security Groups and Network Access Control Lists (ACLs) to allow traffic between them. Additionally, ensure that the routing table within the VPC allows traffic between the instances. Please check the below steps to connect from instance 2 to instance 1 over virtual IP address:

1. Disable Source/Destination Check for the instance to send/receive traffic not explicitly addressed to their primary network interface. Please refer to below AWS article for the same: actions → Networking → Source/Dest. Check and disable it

• https://docs.aws.amazon.com/vpc/latest/userguide/VPC_NAT_Instance.html#EIP_Disable_SrcDestCheck

2. Route Configuration: Configure the routing tables of the instances involved. For example, If Instance 2 needs to communicate with the virtual IP (ex: 10.1.1.1) on Instance 1, you will need to add a custom route in the subnet route table of Instance 2, specifying the virtual IP as the destination (ex: 10.1.1.1/32) and the target being the Instance 1's primary interface ID (example eni-id: eni-1234567890).

• https://docs.aws.amazon.com/vpc/latest/userguide/WorkWithRouteTables.html

Thank you for your interest in re:Post community. Have a great day!