
Is traffic between two public EC2 instances over the internet or on the AWS backbone network?

0

Let's say a public EC2 Service A calls public EC2 Service 2 using a public endpoint. Would that traffic be over the internet or on the AWS backbone network?

3 Answers
2

Hello.

I think it is communicating with the network within AWS.
https://aws.amazon.com/vpc/faqs/?nc1=h_ls

Does traffic go over the internet when two instances communicate using public IP addresses, or when instances communicate with a public AWS service endpoint?
No. When using public IP addresses, all communication between instances and services hosted in AWS use AWS's private network. Packets that originate from the AWS network with a destination on the AWS network stay on the AWS global network, except traffic to or from AWS China Regions.

In addition, all data flowing across the AWS global network that interconnects our data centers and Regions is automatically encrypted at the physical layer before it leaves our secured facilities. Additional encryption layers exist as well; for example, all VPC cross-region peering traffic, and customer or service-to-service Transport Layer Security (TLS) connections.

Answered a year ago (EXPERT); reviewed a year ago (EXPERT, EXPERT)
0

It stays on AWS's backbone network, except in the AWS partition for China. It's stated in this document article: https://docs.aws.amazon.com/vpc/latest/userguide/how-it-works.html#what-is-aws-global-network

Answered a year ago (EXPERT); reviewed a year ago (EXPERT)
0

Hello.

Traffic stays within AWS

Here's the simple breakdown:

Public IP in AWS: Even though your EC2 instances have public IP addresses, they're for internal AWS routing, not the real internet.

Public Endpoints (Internal): Public endpoints for services within the same region translate to internal AWS addresses.

AWS Backbone: Traffic travels securely and quickly over the dedicated AWS network within the region.

Traffic between Public EC2 Instances (Same Region): It should be on the AWS backbone network, not the internet.

Check if your instances are in the same region. Different regions might use the internet.

Verify Security Groups: Ensure rules allow traffic between your instances' IP addresses or security groups.

Please follow the official AWS documentation, which elaborates on AWS EC2 networking in detail, including security groups and traffic flow within a region:

https://docs.aws.amazon.com/whitepapers/latest/aws-privatelink/what-are-vpc-endpoints.html

Answered a year ago (EXPERT); reviewed a year ago (EXPERT)
