title: “EC2 ClassicLink and ELBs”
date: 2015-01-09 16:08:02 -0800
categories: AWS VPC
I was looking at EC2 ClassicLink today. It is going to make VPC migrations much easier. Some things I noticed:
- Connectivity to external-facing ELBs only works if the ELBs have ‘world’ incoming access, or specifically mention the public IPs of the source. That is because the ELB IP resolves to its public IP.
- Connectivity to internal-facing ELBs works fine, assuming the source security group has access.
- My default-VPC IP space overlapped with my EC2 Classic node’s DNS resolver in /etc/resolv.conf, so attaching it to the VPC broke DNS. Update 1/25/15: I retested this and it is working now, so I’m not sure that this is a problem anymore.
- The re:Invent session says that instance-DNS won’t resolve, so you won’t be able to use ec2-* domain names to reach specific instances — it’ll have to be IPs.
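
A pre-attachment check for the resolver overlap described in the third item, as an added example that is not part of the original post: it parses `/etc/resolv.conf` content and reports any nameserver that falls inside a CIDR of the VPC you are about to link. The function names, the sample resolv.conf text and the CIDRs are all constructed for illustration.

```python
import ipaddress


def nameservers(resolv_conf_text):
    """Return the IP addresses found on 'nameserver' lines."""
    servers = []
    for raw in resolv_conf_text.splitlines():
        # resolv.conf comments start with '#' or ';'
        line = raw.split("#", 1)[0].split(";", 1)[0].strip()
        fields = line.split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            addr = fields[1].split("%", 1)[0]  # drop an IPv6 zone id
            try:
                servers.append(ipaddress.ip_address(addr))
            except ValueError:
                continue  # skip malformed entries instead of aborting
    return servers


def resolvers_inside_vpc(resolv_conf_text, vpc_cidrs):
    """Return (resolver, cidr) pairs where the resolver lies in a VPC range."""
    nets = [ipaddress.ip_network(c, strict=False) for c in vpc_cidrs]
    hits = []
    for ns in nameservers(resolv_conf_text):
        for net in nets:
            if ns.version == net.version and ns in net:
                hits.append((str(ns), str(net)))
    return hits


# Constructed sample input, not taken from a real instance.
SAMPLE_RESOLV_CONF = """\
# generated by dhclient (constructed sample)
search example.internal
nameserver 172.16.0.23
nameserver 10.1.2.3 ; secondary
"""

if __name__ == "__main__":
    # Constructed VPC CIDR; substitute the CIDR of the VPC being linked.
    for ns, cidr in resolvers_inside_vpc(SAMPLE_RESOLV_CONF, ["172.16.0.0/16"]):
        print(f"resolver {ns} is inside VPC range {cidr}: test DNS after linking")
```

On a real instance, pass the contents of `/etc/resolv.conf` and the VPC's CIDR in place of the samples.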