Skip to content

Instantly share code, notes, and snippets.

@tkuchiki
Last active Nov 1, 2017
Embed
What would you like to do?
パブリックアクセス可能なVPC 内で起動したインスタンスの hostname は VPC内/外で別の IP を返す
  • パブリックアクセス可能なVPC 内で起動したインスタンス(EC2 だけでなく、RDS なども)の hostname ec2-xx-xx-xxx-xx.REGION.compute.amazonaws.com は VPC 外では global IPを返し、VPC 内では private IP を返す
    • RDS などをパブリックアクセス可能な状態で起動すると、CNAME で ec2-xx-xx-xxx-xx.REGION.compute.amazonaws.com が返る(中身が EC2 だから)

関連: VPC 内の DB インスタンスに同じ VPC 内の EC2 インスタンスがアクセスする
http://docs.aws.amazon.com/ja_jp/AmazonRDS/latest/UserGuide/USER_VPC.Scenarios.html#USER_VPC.Scenario1

# VPC内
$ dig ec2-xx-xx-xxx-xx.REGION.compute.amazonaws.com ns

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.62.rc1.56.amzn1 <<>> ec2-xx-xx-xxx-xx.REGION.compute.amazonaws.com ns
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63115
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;ec2-xx-xx-xxx-xx.REGION.compute.amazonaws.com. IN NS

;; AUTHORITY SECTION:
REGION.compute.amazonaws.com. 60 IN  SOA     ns0.REGION.compute.internal. hostmaster.amazon.com. 1509501367 3600 3600 3600 60

;; Query time: 3 msec
;; SERVER: 10.1.0.2#53(10.1.0.2)
;; WHEN: Wed Nov  1 01:56:07 2017
;; MSG SIZE  rcvd: 150

# VPC外
$ dig ec2-xx-xx-xxx-xx.REGION.compute.amazonaws.com ns

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.62.rc1.56.amzn1 <<>> ec2-xx-xx-xxx-xx.REGION.compute.amazonaws.com ns
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63115
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;ec2-xx-xx-xxx-xx.REGION.compute.amazonaws.com. IN NS

;; AUTHORITY SECTION:
REGION.compute.amazonaws.com. 60 IN  SOA     dns-external-master.amazon.com. root.amazon.com. 15094 28800 900 604800 900

;; Query time: 3 msec
;; SERVER: 10.1.0.2#53(10.1.0.2)
;; WHEN: Wed Nov  1 01:56:07 2017
;; MSG SIZE  rcvd: 150
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment