How does AWS EC2 networking work?

Networking

Before we get down to how EC2 networking actually works, it is important to understand the differences in networking between traditional datacenters and the public clouds.

The defining difference is that a traditional datacenter network is built from physical switches and routers connected to physical hosts, and it is that hardware that transmits and receives packets from one place to another.

Virtual filters

A similar setup is at play in the case of cloud computing. However, virtual devices have replaced physical ones in this environment — everything from virtual servers and virtual network cards to virtual switches and virtual routers.

In addition to that, a cloud-based network is also heavily filtered.

Cloud providers like AWS only allow unicast datagrams over their networks, and restrict all broadcast datagrams. The reason? Primarily security, and also to prevent DDoS attacks on their network, though there are other reasons as well. What this means for you as a cloud user is that some of your applications may not fit on a public cloud, particularly those that require broadcast capability on the network. That said, there are ways to work around this limitation.

A look at EC2 networking

Amazon provides each instance that you launch in your EC2 environment with two IP addresses, a private one and a public one. This is the default behavior of an instance, and AWS assigns it a unique private IP address using its own internal DHCP service. You can use this private IP address to communicate with the instances present in the same network, but not for any networking with the outside world — which is to say the Internet.

AWS users also get an internal DNS hostname for their instances, and that lengthy string tells a lot about that particular instance.

The same applies to the public IP address, except that this address is reachable from the Internet. You will use it to communicate with the outside world, and it is what you need to set up your website on Amazon Web Services. AWS maps the public IP address of an instance to its corresponding private IP address using simple NAT, and likewise provides the instance with a public DNS name.
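As an added example that is not part of the original article, the following Python code parses the private and public DNS hostnames AWS assigns to an instance and recovers the scope, address and region they encode, then picks such hostnames out of a few constructed log lines. The hostname shapes, the region default and the sample log are assumptions made for this example, not values quoted from the article.

```python
import ipaddress
import re
from dataclasses import dataclass
from typing import List, Optional

# Hostname shapes assumed for this example (AWS naming conventions):
#   private: ip-10-0-1-23.ec2.internal                (us-east-1)
#            ip-10-0-1-23.eu-west-1.compute.internal  (other regions)
#   public:  ec2-54-12-34-56.compute-1.amazonaws.com  (us-east-1)
#            ec2-54-12-34-56.eu-west-1.compute.amazonaws.com
_REGION = r"(?P<region>[a-z]{2}(?:-[a-z]+)+-\d)"
_PRIVATE = re.compile(r"^ip-(\d{1,3}(?:-\d{1,3}){3})\.(?:" + _REGION + r"\.compute|ec2)\.internal$")
_PUBLIC = re.compile(r"^ec2-(\d{1,3}(?:-\d{1,3}){3})\.(?:compute-1|" + _REGION + r"\.compute)\.amazonaws\.com$")
# Candidate hostnames inside free-form log text (trailing ":port" is excluded by the char class).
_HOST_TOKEN = re.compile(r"[a-z0-9.-]+\.(?:internal|amazonaws\.com)", re.IGNORECASE)


@dataclass(frozen=True)
class Ec2Host:
    scope: str                      # "private" (VPC-internal) or "public" (Internet-reachable)
    address: ipaddress.IPv4Address  # the IPv4 address embedded in the hostname
    region: str                     # region named in the hostname, us-east-1 when implied


def parse_ec2_hostname(name: str) -> Optional[Ec2Host]:
    """Return the facts encoded in an EC2-assigned hostname, or None if it is not one."""
    name = name.strip().rstrip(".").lower()
    scope, match = "private", _PRIVATE.match(name)
    if match is None:
        scope, match = "public", _PUBLIC.match(name)
    if match is None:
        return None
    address = ipaddress.IPv4Address(match.group(1).replace("-", "."))
    # The us-east-1 forms (ec2.internal / compute-1) carry no explicit region.
    return Ec2Host(scope, address, match.group("region") or "us-east-1")


def ec2_hosts_in(log: str) -> List[Ec2Host]:
    """Extract every EC2-assigned hostname mentioned in a block of log text."""
    hosts = (parse_ec2_hostname(tok) for tok in _HOST_TOKEN.findall(log))
    return [h for h in hosts if h is not None]


# Constructed sample log lines for this example; not real traffic.
SAMPLE_LOG = """\
2024-05-01T10:00:01Z sshd: accepted publickey from ec2-54-12-34-56.compute-1.amazonaws.com
2024-05-01T10:00:02Z app: connect db ip-10-0-1-23.ec2.internal:5432
2024-05-01T10:00:03Z app: connect cache ip-172-31-20-5.eu-west-1.compute.internal:6379
2024-05-01T10:00:04Z sshd: failed password from mail.example.com
"""

if __name__ == "__main__":
    for host in ec2_hosts_in(SAMPLE_LOG):
        print(f"{host.scope:8} {host.address!s:16} {host.region}")
```

Only the public form can be reached from the Internet, so a public hostname in an authentication log deserves a closer look than the private forms, which name peers inside the same network.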

The battle for control

At the end of the day, networking is all about control. And the extent to which you can control your networking and IP address allocation on Amazon Web Services depends on whether your instances are launched in a standard EC2 environment or in a VPC.

The former does not really give you much control: each instance is provided with a single unique private IP address and a single public IP address, each with its own DNS name. And you cannot reuse these values once your instances are stopped or terminated, because they are automatically released back to the general IP pool.

A VPC environment, on the other hand, provides much more flexibility in the IP addressing of your instances. Depending on your requirements, you can define subnets that are either isolated (private) or connected to the Internet (public), run instances in them, and give an instance more than one private and public IP address.

In addition to all that, instances in a VPC do not release their private IP addresses back to the general pool when they are stopped.

We will be taking a detailed look at what an Amazon VPC exactly is in future articles.
