EC2 in public subnet reachable by public IP but not by public DNS

0

When launching EC2 instances in a specific public subnet, the instances automatically show a Public IPv4 address and a Public IPv4 DNS. However, they are only reachable (by SSH) through their IP address, not through their DNS name. What could be the cause? Some additional information:

The VPC containing the subnet has "DNS hostnames" enabled and "DNS resolution" enabled. The Subnet ACL allows all traffic.

6 Answers
1

Hi there!

When you say they are only reachable by IP, do you mean with SSH only? And when you say "not by DNS", do you mean HTTP/S? If so, it might be because the security group attached to the instance is not allowing HTTP traffic.

To modify the security group:

  1. Open the EC2 console
  2. Go to Instances
  3. Locate the instance in question
  4. Look at the instance details and under the Security tab, click on the security group link
  5. This will take you to the security group details

  1. Edit the inbound rules
  2. Add a rule to allow HTTP (or HTTPS) for your instance.

I hope this helps (if so, please accept this answer)

AWS
EXPERT
answered a year ago
EXPERT
reviewed a year ago
0

Hi, thanks for your reply. Maybe I didn't describe it clearly, sorry. I have released all ports and protocols under inbound rules. But the public DNS is still inaccessible. I found through the ping command that the IP address pointed to by the public DNS is not the public IP of the instance. My public IP can access HTTP and SSH services normally. The difference is that the IP resolved by the public DNS is inconsistent with the public IP.

answered a year ago
0

Can I check the public DNS from the EC2 details?
You should be able to see the public IP by running the nslookup command on this public DNS.

EXPERT
answered a year ago
0

Thank you very much for your help. I have checked the cause. The port belonging to the security group is not released and the nginx configuration file does not take effect. However, the inconsistency between the ping public DNS and public IP addresses has caused me to never find the real reason. Can you tell me why it is inconsistent? I am very curious.

answered a year ago
0

On the client machine (where you are running the SSH session from), what results do you get from doing a DNS lookup for the EC2 instance?

You can use nslookup or dig to test, or even just try to ping the instance. Does it return the IP address? If not, then there is an issue with the DNS resolution from that machine, and further troubleshooting is required. If it does return the IP address, then perhaps there is an issue with the SSH client software where it isn't doing DNS "correctly".

AWS
EXPERT
answered 10 months ago
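
The lookup-and-compare check suggested in the answer above, as an added example (not code from the thread or from AWS). The function names, the verdict labels and the sample hostname and addresses are constructed for illustration, and it assumes that an RFC 1918 answer is the instance's private address.

```python
import ipaddress
import re
import socket

# EC2 public DNS names embed the public IPv4 address,
# e.g. ec2-203-0-113-25.compute-1.amazonaws.com (constructed sample).
_EC2_NAME = re.compile(r"^ec2-(\d{1,3})-(\d{1,3})-(\d{1,3})-(\d{1,3})\.")
# Assumption: an RFC 1918 answer is the instance's private address.
_RFC1918 = [ipaddress.ip_network(n)
            for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def ip_from_ec2_name(name):
    """Return the IPv4 address encoded in an EC2 public DNS name, or None."""
    m = _EC2_NAME.match(name.lower())
    if not m:
        return None
    try:
        return str(ipaddress.IPv4Address(".".join(m.groups())))
    except ValueError:
        return None

def system_resolve(name):
    """Resolve through the OS resolver, the same path ssh and ping use."""
    try:
        infos = socket.getaddrinfo(name, None, family=socket.AF_INET)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})

def check_public_dns(name, public_ip, resolve=system_resolve):
    """Compare what `name` resolves to with the instance's public IP."""
    answers = resolve(name)
    embedded = ip_from_ec2_name(name)
    if embedded is not None and embedded != public_ip:
        return "name-encodes-other-ip", answers  # name is for another address
    if not answers:
        return "no-answer", answers              # resolver problem on client
    if public_ip in answers:
        return "match", answers                  # DNS is fine, look elsewhere
    if all(any(ipaddress.ip_address(a) in n for n in _RFC1918) for a in answers):
        # Expected when the client resolves from inside the instance's VPC.
        return "private-answer", answers
    return "mismatch", answers                   # inspect the client's resolver

if __name__ == "__main__":
    # Constructed demo with a stub resolver so it runs offline.
    stub = lambda _name: ["10.0.1.15"]
    print(check_public_dns("ec2-203-0-113-25.compute-1.amazonaws.com",
                           "203.0.113.25", resolve=stub))
```

Run it on the client that cannot connect, passing the Public IPv4 DNS and Public IPv4 address shown in the EC2 instance details.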
-1

I would think that is strange but being DNS there might be other elements at play.

The best recommendation I can provide to you is to use an Elastic IP to get a permanent public IP for your instance, which will provide you with a new DNS name. As mentioned, it is permanent and won't change even if you terminate your instance, and you can detach it from the instance and attach it to another one if needed.

AWS
EXPERT
answered a year ago
