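- The hostname ec2-xx-xx-xxx-xx.REGION.compute.amazonaws.com of an instance launched in a publicly accessible VPC (not only EC2, but also RDS and others) resolves to the global IP from outside the VPC and to the private IP from inside the VPC
- When RDS or a similar service is launched as publicly accessible, its name returns a CNAME to ec2-xx-xx-xxx-xx.REGION.compute.amazonaws.com (because it is EC2 underneath)
Related: A DB instance in a VPC accessed by an EC2 instance in the same VPC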
http://docs.aws.amazon.com/ja_jp/AmazonRDS/latest/UserGuide/USER_VPC.Scenarios.html#USER_VPC.Scenario1
# Inside the VPC
$ dig ec2-xx-xx-xxx-xx.REGION.compute.amazonaws.com ns
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.62.rc1.56.amzn1 <<>> ec2-xx-xx-xxx-xx.REGION.compute.amazonaws.com ns
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63115
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;ec2-xx-xx-xxx-xx.REGION.compute.amazonaws.com. IN NS
;; AUTHORITY SECTION:
REGION.compute.amazonaws.com. 60 IN SOA ns0.REGION.compute.internal. hostmaster.amazon.com. 1509501367 3600 3600 3600 60
;; Query time: 3 msec
;; SERVER: 10.1.0.2#53(10.1.0.2)
;; WHEN: Wed Nov 1 01:56:07 2017
;; MSG SIZE rcvd: 150
# Outside the VPC
$ dig ec2-xx-xx-xxx-xx.REGION.compute.amazonaws.com ns
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.62.rc1.56.amzn1 <<>> ec2-xx-xx-xxx-xx.REGION.compute.amazonaws.com ns
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63115
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;ec2-xx-xx-xxx-xx.REGION.compute.amazonaws.com. IN NS
;; AUTHORITY SECTION:
REGION.compute.amazonaws.com. 60 IN SOA dns-external-master.amazon.com. root.amazon.com. 15094 28800 900 604800 900
;; Query time: 3 msec
;; SERVER: 10.1.0.2#53(10.1.0.2)
;; WHEN: Wed Nov 1 01:56:07 2017
;; MSG SIZE rcvd: 150
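
To check from a given host which of the two views its resolver is serving, the dig output can be classified by the SOA MNAME shown above and by whether an A answer falls in a private (RFC 1918) range. This is an added example, not part of the original note: the function name `classify_view` is hypothetical, the SOA sample lines are copied from the output above, and the A record lines are constructed using documentation addresses.

```bash
#!/usr/bin/env bash
# Added example: report which DNS view produced dig output read on stdin.
# Usage against a live resolver: dig NAME a | classify_view
classify_view() {
  awk '
    # SOA record: owner ttl IN SOA mname rname serial ...
    $3 == "IN" && $4 == "SOA" {
      soa = ($5 ~ /\.compute\.internal\.$/) ? "internal" : "external"
    }
    # A record: owner ttl IN A address; RFC 1918 ranges count as internal
    $3 == "IN" && $4 == "A" {
      split($5, o, ".")
      priv = (o[1] == 10) || (o[1] == 172 && o[2] >= 16 && o[2] <= 31) || (o[1] == 192 && o[2] == 168)
      a = priv ? "internal" : "external"
    }
    END {
      # A private address with an external SOA (or the reverse) is worth a look
      if (soa != "" && a != "" && soa != a) print "mismatch"
      else if (soa != "") print soa
      else if (a != "") print a
      else print "unknown"
    }'
}

# SOA lines as they appear in the dig output above
INSIDE_SOA='REGION.compute.amazonaws.com. 60 IN SOA ns0.REGION.compute.internal. hostmaster.amazon.com. 1509501367 3600 3600 3600 60'
OUTSIDE_SOA='REGION.compute.amazonaws.com. 60 IN SOA dns-external-master.amazon.com. root.amazon.com. 15094 28800 900 604800 900'

# Constructed A answers (10.1.0.25 and 203.0.113.10 are sample values)
INSIDE_A='ec2-203-0-113-10.REGION.compute.amazonaws.com. 20 IN A 10.1.0.25'
OUTSIDE_A='ec2-203-0-113-10.REGION.compute.amazonaws.com. 60 IN A 203.0.113.10'

# Classify the four samples when the script is run directly
for sample in "$INSIDE_SOA" "$OUTSIDE_SOA" "$INSIDE_A" "$OUTSIDE_A"; do
  printf '%s\n' "$sample" | classify_view
done
```

A `mismatch` result means the SOA and the A answer disagree about the view, for example a VPC resolver handing out the public address.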