Adding Secondary (ENI) - Private IP to Amazon EC2 (Ubuntu 22.04) for SSH
Govind Kumar
Posted on March 21, 2023
Problem:
If you have an Amazon EC2 instance running Ubuntu 22.04, you might need to access the instance from multiple private IP addresses. This can be challenging because, by default, an EC2 instance is assigned a single private IP address at launch.
Solution and Approach:
To solve this challenge, you can add a secondary private IP address to your EC2 instance using an Elastic Network Interface (ENI). This will allow you to SSH into the instance using the new private IP address. The steps you need to follow are given further down.
But before that, let's understand:
What is an ENI?
It is a virtual network interface that holds a certain number of IPs for communication. There are multiple options to configure an ENI:
Option 01: Setup an ENI while launching the EC2 Instance
It is advisable not to apply these steps directly on Prod Instances. Please ensure that you have tested this setup on Dev infra before moving it to the higher environments.
Option 02: Create an ENI from the Console, Navigate to the created ENI and attach it as a secondary ENI to an EC2 Instance.
Once the ENI is attached to the EC2 Instance, you should be able to locate 2 private IPs on the EC2 (Networking Window)
Steps to make use of the ENI
Step 01: Log in to the Server Using SSH
Take a note of the IP address using the following command
ip a
It should return the two ENIs
Step 02: Take note of the gateway
Find the gateway using the following command
ip r
The above command should return the gateway
In this case, it is default via 10.0.12.1
Step 03: Disable the Network Configuration using the following steps
sudo vi /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg
Add the Following Line
network: {config: disabled}
Step 04: Navigate to /etc/netplan and create 2 files (ens5.yaml & ens6.yaml)
sudo vim /etc/netplan/ens5.yaml
Paste the below contents in the ens5.yaml file
network:
  version: 2
  renderer: networkd
  ethernets:
    ens5:
      addresses:
        - 10.0.13.193/22 # The private IP address of the primary ENI
      dhcp4: no
      routes:
        - to: 0.0.0.0/0
          via: 10.0.12.1 # Default gateway, you can find it using the ip r command
          table: 1001
        - to: 10.0.13.193
          via: 0.0.0.0
          scope: link
          table: 1001
      routing-policy:
        - from: 10.0.13.193
          table: 1001
sudo vim /etc/netplan/ens6.yaml
Paste the below contents in the ens6.yaml file
network:
  version: 2
  renderer: networkd
  ethernets:
    ens6:
      addresses:
        - 10.0.15.150/22 # The private IP of the newly created ENI (secondary ENI)
      dhcp4: no
      routes:
        - to: 0.0.0.0/0
          via: 10.0.12.1 # Default gateway
          table: 1002
        - to: 10.0.15.150
          via: 0.0.0.0
          scope: link
          table: 1002
      routing-policy:
        - from: 10.0.15.150
          table: 1002
Step 05: Ensure that you correctly place the IP address, Routes, Table Value and Default Gateway address.
Step 06: Apply the changes
sudo netplan --debug apply
And, here we go! You should be able to SSH into your system using both IP addresses.
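As a pre-check for Step 05, the following added example (not code from the original post) builds both netplan files from the values used above and refuses to produce them when the gateway lies outside the interface's subnet or two ENIs share a routing table or private IP. The names render_eni and render_all are hypothetical, and rejecting the Linux reserved tables 253 to 255 is an extra assumption beyond what the post requires.

```python
import ipaddress
RESERVED_TABLES = {253, 254, 255}  # assumption: Linux default, main and local tables
# Hypothetical helpers for this example; the layout mirrors ens5.yaml/ens6.yaml above.
TEMPLATE = """network:
  version: 2
  renderer: networkd
  ethernets:
    {ifname}:
      addresses:
        - {cidr}
      dhcp4: no
      routes:
        - to: 0.0.0.0/0
          via: {gw}
          table: {table}
        - to: {ip}
          via: 0.0.0.0
          scope: link
          table: {table}
      routing-policy:
        - from: {ip}
          table: {table}
"""

def render_eni(ifname, cidr, gateway, table):
    """Return the netplan YAML for one ENI; raise ValueError on a mismatch."""
    iface = ipaddress.ip_interface(cidr)      # e.g. 10.0.13.193/22
    gw = ipaddress.ip_address(gateway)
    if gw not in iface.network or gw == iface.ip:
        raise ValueError(f"{ifname}: gateway {gw} not usable in {iface.network}")
    if table in RESERVED_TABLES or not 1 <= table <= 0xFFFFFFFF:
        raise ValueError(f"{ifname}: table {table} is reserved or out of range")
    return TEMPLATE.format(ifname=ifname, cidr=iface.with_prefixlen,
                           gw=gw, ip=iface.ip, table=table)

def render_all(enis):
    """enis: (ifname, cidr, gateway, table) tuples -> {filename: yaml text}."""
    tables = [t for _, _, _, t in enis]
    ips = [ipaddress.ip_interface(c).ip for _, c, _, _ in enis]
    if len(set(tables)) != len(tables) or len(set(ips)) != len(ips):
        raise ValueError("each ENI needs its own routing table and private IP")
    return {f"{n}.yaml": render_eni(n, c, g, t) for n, c, g, t in enis}

if __name__ == "__main__":
    enis = [("ens5", "10.0.13.193/22", "10.0.12.1", 1001),   # values from the steps above
            ("ens6", "10.0.15.150/22", "10.0.12.1", 1002)]
    for name, text in render_all(enis).items():
        print(f"# /etc/netplan/{name}\n{text}")
```

When testing over SSH, sudo netplan try applies the configuration and rolls it back automatically unless it is confirmed, which guards against locking yourself out with a wrong route.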
Summary
In conclusion, adding a secondary private IP address to an EC2 instance running Ubuntu 22.04 is a straightforward process that can be accomplished by following a few simple steps. By adding a secondary private IP address, you can access your EC2 instance from multiple private IP addresses, which can be useful in certain situations. Always remember to follow best practices such as stopping the instance before adding the secondary private IP address and assigning a private IP address from the subnet's IP address range.