How do EC2 instances get their IP addresses?


ENI stands for Elastic Network Interface. This is the part that assigns IP addresses to things. "Elastic" here means that it can be attached to different EC2 instances. When we create an EC2 instance, AWS automatically assigns a default ENI to it, which is why the instance gets public and private IPs out of the box. If we were to remove that ENI, the instance would not have any IPs assigned to it.

When you launch an EC2 instance, AWS automatically provides a default network interface (ENI), and with it, the instance gets an IP address.

Here’s how it works by default:

  1. Private IP Address (within your AWS network): Every EC2 instance gets a private IP address that it uses to communicate within its Virtual Private Cloud (VPC), which is AWS's private network for your instances. This address is like an internal phone number – it’s used only for communication inside AWS (other instances, databases, etc.).
  2. Public IP Address (for the internet): Depending on your instance's configuration, AWS might also assign a public IP address. This is the address that allows your EC2 instance to communicate with the internet. You can think of it as the "public face" of your instance, making it reachable from the outside world (e.g., people visiting a website hosted on the instance).

But here’s the key point:

  • The IP addresses (both public and private) are tied to the Elastic Network Interface (ENI). So, if you detach or remove the ENI from your EC2 instance, those IP addresses go away, and your instance will no longer have a way to communicate.

In summary:

  • Yes, EC2 instances come with default IP addresses, but those addresses are assigned to the ENI. Without the ENI, your instance won’t have any IP address and won’t be able to communicate.


Below is a more detailed explanation:

When an EC2 instance in AWS is launched, it is assigned one or more IP addresses based on the networking configuration of the instance. Here’s a detailed explanation of how an EC2 instance gets its IP addresses:

1. Virtual Private Cloud (VPC) and Subnet Configuration

  • VPC: Every EC2 instance is launched in a VPC, which is a virtual network dedicated to your AWS account. A VPC spans multiple availability zones and can contain multiple subnets.
  • Subnet: EC2 instances are launched in a subnet within a VPC. A subnet defines a range of IP addresses based on the subnet’s CIDR block (e.g., 10.0.0.0/24). The subnet determines the IP address pool from which EC2 instances are assigned their private IP addresses.

2. Private IP Address

  • When you launch an EC2 instance in a subnet, it is assigned a private IP address. This private IP address is from the IP address range of the subnet (which is a subset of the VPC’s IP range).
  • The private IP is used for internal communication within the VPC or between instances and services that are part of the same VPC (or peered VPCs).
  • The private IP is permanent for the instance during its lifetime and remains associated with the instance even when it is stopped and restarted.

3. Public IP Address

  • Public IPs allow instances to communicate with the internet. Not all EC2 instances receive a public IP by default. The assignment depends on whether the subnet is configured to automatically assign a public IP to instances launched in it.
  • The public IP is dynamically assigned from AWS’s public IP pool when the instance is launched and is associated with the instance as long as it is running. However, once the instance is stopped or terminated, the public IP is released and may be reassigned to another instance.

4. Elastic IP Address (EIP)

  • An Elastic IP is a static public IP address that you can allocate to your AWS account and manually associate with an EC2 instance.
  • Unlike dynamically assigned public IPs, an Elastic IP remains associated with your AWS account until you release it, even if the instance it’s associated with is stopped or terminated.
  • EIPs are useful when you need a static public IP address that doesn’t change even when the instance is restarted or replaced.

5. Elastic Network Interface (ENI) and IP Address Assignment

  • Every EC2 instance is assigned at least one Elastic Network Interface (ENI), which is the network interface that connects the instance to the VPC.
  • By default, each ENI is associated with:
  • The ENI is the component responsible for network communication, and all IP addresses assigned to the instance are attached to the ENI. An instance can have multiple ENIs, and each ENI can have multiple IP addresses (private, public, and Elastic IPs).

6. DHCP and IP Address Allocation

  • AWS uses DHCP (Dynamic Host Configuration Protocol) internally to assign private IP addresses to EC2 instances within a VPC.
  • The DHCP options in the VPC define the domain name servers (DNS) and domain names that instances will use. When an instance is launched, it requests an IP address from the AWS internal DHCP server, which assigns the private IP from the available pool in the subnet’s CIDR block.
  • Note: You cannot configure your own DHCP server; AWS manages DHCP automatically.

7. How EC2 Instances Use Their IP Addresses

  • Private IP Address: Used for internal communication between instances and services in the same VPC (or connected VPCs). It is also used for communication with other AWS services within the VPC (e.g., connecting to an RDS database or an S3 endpoint within the same VPC).
  • Public IP Address (or Elastic IP): Used for communication with the internet. When an instance has a public IP address, outbound traffic from the instance to the internet uses that IP. Any inbound traffic from the internet, such as web requests or SSH access, can reach the instance via its public IP.

8. NAT Gateway and Internet Gateway

  • Internet Gateway (IGW): This is a VPC component that allows instances in the VPC to communicate with the internet. Instances in public subnets use the Internet Gateway to route traffic to and from the internet.
  • NAT Gateway: For instances in private subnets (which don’t have public IPs), a NAT Gateway can be used to allow outbound traffic to the internet while keeping the instance private and unreachable from the internet.

IP Addressing Summary:

  • Private IP: Assigned automatically within the subnet’s IP range for internal communication.
  • Public IP: Optionally assigned for internet-facing instances; released when the instance is stopped or terminated.
  • Elastic IP: A static public IP you can reserve and manually assign to instances, useful for ensuring a consistent public IP.

Example Scenario:

  1. You launch an EC2 instance in a public subnet (10.0.0.0/24 CIDR).
  2. The instance is assigned a private IP like 10.0.0.15 from the subnet’s address range.
  3. If the public IP option is enabled, the instance is also assigned a public IP like 52.23.45.67.
  4. If you need a static IP for the instance, you can allocate an Elastic IP and associate it with the instance to ensure that the public IP remains constant, even after stopping and starting the instance.
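The scenario above can be turned into an address inventory that shows which ENI carries which IP and how it is exposed. This is an added example, not part of the original article: the field names follow the shape of the EC2 DescribeSubnets and DescribeNetworkInterfaces responses, 10.0.0.15 and 52.23.45.67 come from the scenario, and every ID and the remaining addresses are constructed placeholders.

```python
import ipaddress

# Constructed sample data shaped like the EC2 DescribeSubnets and
# DescribeNetworkInterfaces responses; every ID below is a placeholder.
SUBNETS = {"Subnets": [
    {"SubnetId": "subnet-pub", "CidrBlock": "10.0.0.0/24"},
    {"SubnetId": "subnet-priv", "CidrBlock": "10.0.1.0/24"},
]}
ENIS = {"NetworkInterfaces": [
    {"NetworkInterfaceId": "eni-web", "SubnetId": "subnet-pub",
     "Attachment": {"InstanceId": "i-web"},
     "PrivateIpAddresses": [{"PrivateIpAddress": "10.0.0.15", "Association": {
         "PublicIp": "52.23.45.67", "IpOwnerId": "amazon"}}]},
    {"NetworkInterfaceId": "eni-api", "SubnetId": "subnet-pub",
     "Attachment": {"InstanceId": "i-api"},
     "PrivateIpAddresses": [{"PrivateIpAddress": "10.0.0.20", "Association": {
         "PublicIp": "203.0.113.10", "AllocationId": "eipalloc-example"}}]},
    {"NetworkInterfaceId": "eni-db", "SubnetId": "subnet-priv",
     "Attachment": {"InstanceId": "i-db"},
     "PrivateIpAddresses": [{"PrivateIpAddress": "10.0.1.8"}]},
    {"NetworkInterfaceId": "eni-spare", "SubnetId": "subnet-priv",  # not attached
     "PrivateIpAddresses": [{"PrivateIpAddress": "10.0.1.9"}]},
]}

def inventory(subnets, enis):
    """One row per private IP: which instance/ENI owns it and how it is exposed."""
    cidrs = {s["SubnetId"]: ipaddress.ip_network(s["CidrBlock"]) for s in subnets["Subnets"]}
    rows = []
    for eni in enis["NetworkInterfaces"]:
        instance = (eni.get("Attachment") or {}).get("InstanceId")  # None if detached
        for addr in eni.get("PrivateIpAddresses", []):
            assoc = addr.get("Association") or {}
            if not assoc.get("PublicIp"):
                kind = "none"
            elif assoc.get("AllocationId"):
                kind = "elastic"         # Elastic IP: stays until released
            else:
                kind = "auto-assigned"   # released when the instance stops
            private = ipaddress.ip_address(addr["PrivateIpAddress"])
            rows.append({"instance": instance, "eni": eni["NetworkInterfaceId"],
                         "private_ip": str(private), "public_ip": assoc.get("PublicIp"),
                         "public_kind": kind,
                         "in_subnet_cidr": private in cidrs[eni["SubnetId"]]})
    return rows

def internet_facing(rows):
    """Rows whose address has a public mapping, i.e. candidate internet exposure."""
    return [r for r in rows if r["public_kind"] != "none"]

if __name__ == "__main__":
    for row in internet_facing(inventory(SUBNETS, ENIS)):
        print(row)
```

Rows returned by internet_facing are the ones to check against security groups and the subnet's route to an Internet Gateway; an "auto-assigned" address should not appear in allow-lists or DNS records, because it changes after a stop and start.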

IPv6 Addresses

  • If the VPC and subnet are IPv6-enabled, EC2 instances can also get IPv6 addresses, which are globally routable and do not require NAT for internet access. IPv6 addresses are assigned from the VPC’s IPv6 CIDR block.

This detailed process outlines how IPs are assigned to an EC2 instance and the roles played by the VPC, subnet, and ENI in networking.




Rahul Singh

Principal Engineer specializing in Full Stack Development at Livlong

5 months

good insights
