Configure an Amazon EC2 Instance with Dual-Homed Network Connectivity

Hands-On Lab

Tia Williams

AWS Training Architect II in Content

Length

00:30:00

Difficulty

Intermediate

In this Hands-On Lab, we assume the role of AWS consultants who have been tasked with configuring an Amazon EC2 instance to support a new application. The application requires connections to two different networks, so the application server must be connected to two different subnets. The first is a public subnet, for public access to the web application. The second is where a custom database server resides. The database is a customized application and requires the application server to have an IP address on the same subnet.

Scenario

Our task is to configure an application server so that it connects to both the public and private subnets and obtains an IP address on each one. The VPC is using a Class C CIDR of 192.168.0.0/24. The public subnet is using the CIDR 192.168.0.0/26, and the private subnet is using the CIDR 192.168.0.128/26.

Being consultants, we know things don't always go as planned. We need to assess the environment, take corrective action as necessary, and complete the task of dual-homing the instance.

Let's make sure we're in the US-EAST-1 Region, and we can get going on this little project.

Create a subnet in the correct AZ

The two subnets we're working with are in two AZs, us-east-1a and us-east-1b, and that's not going to work. So we'll have to make a new subnet. The customer is currently using the instance in us-east-1b, so that's where we'll create the subnet. Then we'll migrate the EC2 instance over from where it's sitting in us-east-1a.

At the VPC dashboard, click Subnets in the left-hand menu. To make the new one, we can click Create subnet. Give it these parameters:

  • Name tag: Public2
  • VPC: This is set automatically
  • Availability Zone: us-east-1b
  • IPv4 CIDR block: 192.168.0.64/26

We can click Create and Close.
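The subnet plan from this section can be checked before touching the console. This is an added example, not part of the original lab; the names Public1 and Private1, and which existing subnet sits in which AZ, are assumptions, since the lab gives only the CIDRs and the two AZs.

```python
import ipaddress

AWS_RESERVED = 5  # AWS reserves the first four addresses and the last one in every subnet

VPC_CIDR = "192.168.0.0/24"  # from the lab scenario
# CIDRs are from the lab; subnet names and AZ placement are assumed for illustration.
EXISTING = {
    "Public1": ("192.168.0.0/26", "us-east-1a"),
    "Private1": ("192.168.0.128/26", "us-east-1b"),
}

def check_new_subnet(vpc_cidr, existing, cidr):
    """Return the reasons a proposed subnet CIDR would be rejected in this VPC."""
    vpc = ipaddress.ip_network(vpc_cidr)
    try:
        new = ipaddress.ip_network(cidr)  # strict parsing: host bits must be zero
    except ValueError as exc:
        return [f"invalid CIDR: {exc}"]
    problems = []
    if not new.subnet_of(vpc):
        problems.append(f"{new} is outside VPC {vpc}")
    for name, (other, _az) in existing.items():
        if new.overlaps(ipaddress.ip_network(other)):
            problems.append(f"{new} overlaps {name} ({other})")
    return problems

def free_blocks(vpc_cidr, existing, prefixlen):
    """List every block of the given prefix length in the VPC that is still unallocated."""
    used = [ipaddress.ip_network(c) for c, _az in existing.values()]
    candidates = ipaddress.ip_network(vpc_cidr).subnets(new_prefix=prefixlen)
    return [str(s) for s in candidates if not any(s.overlaps(u) for u in used)]

def usable_hosts(cidr):
    """Addresses left for instances and interfaces after the AWS reservation."""
    return ipaddress.ip_network(cidr).num_addresses - AWS_RESERVED

def eni_attachable(subnets, instance_subnet, eni_subnet):
    """A network interface can only be attached to an instance in the same AZ."""
    return subnets[instance_subnet][1] == subnets[eni_subnet][1]

if __name__ == "__main__":
    print("free /26 blocks:", free_blocks(VPC_CIDR, EXISTING, 26))
    print("Public2 problems:", check_new_subnet(VPC_CIDR, EXISTING, "192.168.0.64/26"))
    plan = dict(EXISTING, Public2=("192.168.0.64/26", "us-east-1b"))
    print("usable addresses in Public2:", usable_hosts(plan["Public2"][0]))
    print("Public1 instance + Private1 ENI:", eni_attachable(plan, "Public1", "Private1"))
    print("Public2 instance + Private1 ENI:", eni_attachable(plan, "Public2", "Private1"))
```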

Create the new EC2 instance

In our main Services menu (up at the top of the screen), find EC2. In the EC2 dashboard, click Launch Instance. Select the Amazon Linux 2 AMI from the list of AMIs, leave t2.micro selected, and click the Next: Configure Instance Details button.

On this page, we're greeted with several dropdowns. We're only concerned with two though. We need to select our Public2 from the Subnet list, and we need to make sure we set Auto-assign Public IP to Enable.

Click Next: Add Storage. Everything is fine here, so let's keep moving along by clicking Next: Add Tags, then click Next: Configure Security Group.

Here, we'll choose Select an existing security group from the Assign a security group list, select the one that says Enable access to the EC2 host, and then click Review and Launch. Click Launch on the next screen.

We'll get a popup about key pairs, where we'll set the dropdown to Create a new key pair, and use dualhome as a Key pair name. Click the Download Key Pair button, then the Launch Instances button. Click View Instances, where we'll be taken to the screen that shows us all of our instances and what state they're in.

Create a new interface

While we're still in the EC2 dashboard, find Network Interfaces in the left-hand menu. Click Create Network Interface here, and fill in the following form with these values:

  • Description: AppServer1Int
  • Subnet: Public2
  • Security groups: Select the one with the Description of Enable access to the EC2 host

It's safe to click Create.

Attach the new interface to the new instance

Now, back in the EC2 Instances screen, highlight the one we created a little bit ago, the new one in us-east-1b. Up in the Actions menu, select Networking, then click on Attach Network Interface. In the pop-up that comes flying out at us, our Instance ID should be the newest EC2 instance. In the Network Interface dropdown, select AppServer1Int. Click Attach, and we're done.

Conclusion

No, really. We're done. We can look at the Details tab (in the lower part of the Instances screen) and see now that our instance has two private IP addresses. It's officially dual-homed. Congratulations!