tkuchiki/memo.md

## memo.md

      
    Raw
  

              memo.md
            
          
パブリックアクセス可能なVPC 内で起動したインスタンス(EC2 だけでなく、RDS なども)の hostname ec2-xx-xx-xxx-xx.REGION.compute.amazonaws.com は VPC 外では global IPを返し、VPC 内では private IP を返す

RDS などをパブリックアクセス可能な状態で起動すると、CNAME で ec2-xx-xx-xxx-xx.REGION.compute.amazonaws.com が返る(中身が EC2 だから)


関連: VPC 内の DB インスタンスに同じ VPC 内の EC2 インスタンスがアクセスする

http://docs.aws.amazon.com/ja_jp/AmazonRDS/latest/UserGuide/USER_VPC.Scenarios.html#USER_VPC.Scenario1
# VPC内
$ dig ec2-xx-xx-xxx-xx.REGION.compute.amazonaws.com ns

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.62.rc1.56.amzn1 <<>> ec2-xx-xx-xxx-xx.REGION.compute.amazonaws.com ns
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63115
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;ec2-xx-xx-xxx-xx.REGION.compute.amazonaws.com. IN NS

;; AUTHORITY SECTION:
REGION.compute.amazonaws.com. 60 IN  SOA     ns0.REGION.compute.internal. hostmaster.amazon.com. 1509501367 3600 3600 3600 60

;; Query time: 3 msec
;; SERVER: 10.1.0.2#53(10.1.0.2)
;; WHEN: Wed Nov  1 01:56:07 2017
;; MSG SIZE  rcvd: 150

# VPC外
$ dig ec2-xx-xx-xxx-xx.REGION.compute.amazonaws.com ns

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.62.rc1.56.amzn1 <<>> ec2-xx-xx-xxx-xx.REGION.compute.amazonaws.com ns
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63115
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;ec2-xx-xx-xxx-xx.REGION.compute.amazonaws.com. IN NS

;; AUTHORITY SECTION:
REGION.compute.amazonaws.com. 60 IN  SOA     dns-external-master.amazon.com. root.amazon.com. 15094 28800 900 604800 900

;; Query time: 3 msec
;; SERVER: 10.1.0.2#53(10.1.0.2)
;; WHEN: Wed Nov  1 01:56:07 2017
;; MSG SIZE  rcvd: 150