无法使用公共 IP ping AWS EC2 实例 [英] Cannot ping AWS EC2 instance with public IP

问题描述

我无法 ping 具有关联公共 IP 的 EC2 实例.在此处发帖之前，我阅读了无法 ping AWS EC2 实例.它没有帮助:

I cannot ping my EC2 instance with which has a public IP associated with it. Before posting here, I read Cannot ping AWS EC2 instance. It didn't help:

以下是我的设置方式:

我使用所有默认设置创建了一个新的 Amazon Linux t2.micro 实例.

I created a new Amazon Linux t2.micro instance using all the defaults.

创建后，EC2中没有IPv4公网IP |实例 |实例.

After creation, it didn't have an IPv4 Public IP in the EC2 | INSTANCES | Instances.

所以我去了EC2 |网络&安全 |弹性 IP，然后单击分配弹性 IP 地址按钮.在公共 IPv4 地址列显示地址后，我单击操作 |关联弹性 IP 地址.

So I went to EC2 | NETWORK & SECURITY | Elastic IPs, and clicked the Allocate Elastic IP address button. After the Public IPv4 address column showed an address, I clicked Actions | Associate Elastic IP address.

我回到了 EC2 |实例 |Instances，IPv4 Public IP列显示我刚刚创建的地址.

I went back to EC2 | INSTANCES | Instances, and the IPv4 Public IP column shows the address I just created.

仍然无法ping通.

所以我去了EC2 |网络&安全 |安全组，单击与实例关联的安全组的链接并添加入站和出站规则，如下所示:

So I went to EC2 | NETWORK & SECURITY | Security Groups, clicked the link for the security group associated with the instance and added an inbound and outbound rule like so:

All traffic          All        All       0.0.0.0/0 
All ICMP - IPv4      ICMP       All       0.0.0.0/0

仍然无法ping通.

所以我去了VPC |Internet 网关，单击创建 Internet 网关按钮，选择默认值，然后将 Internet 网关附加到与实例关联的 VPC.

So I went to VPC | Internet Gateways, clicked the Create internet gateway button, selected the defaults, and then attached the internet gateway to the VPC which is associated with the instance.

仍然无法ping通.

所以我去了VPC |安全 |网络 ACL、编辑入站和编辑出站规则.这就是我对两者的拥有:

So I went to VPC | SECURITY | Network ACLs, Edit Inbound and Edit Outbound rules. This is what I have for both:

Rule #   Type              Protocol       Port Range      Source       Allow / Deny
100      ALL Traffic       ALL            ALL             0.0.0.0/0    ALLOW
101      All ICMP - IPv4   ICMP (1)       ALL             0.0.0.0/0    ALLOW

仍然无法ping通.

还缺少什么才能 ping 通?是的，我可以 ping 网络上的其他主机......只是不能 ping 到 AWS 和为该 EC2 实例列出的公共 IP 地址.

What else is missing to be able to ping? Yes, I can ping other hosts on my network... just not to AWS and the public IP address listed for that EC2 instance.

推荐答案

首先，值得一提的是，一般不需要每次都修改 Network ACL.它们可用于特殊目的(例如创建网络 DMZ)，但除此之外，只需将它们保留为默认值即可.

First, it is worth mentioning that there should generally be no need to every modify the Network ACLs. They can be used for special purposes (eg creating a network DMZ), but otherwise just leave them at their default values.

我还应该提到，使用 PING 通常是不值得的，因为它可以被许多网络配置阻止.与其尝试让 Ping 工作，不如尝试让您实际想要工作的任何东西工作.例如，如果您希望通过 SSH 连接到实例或将其用作 Web 服务器，请尝试让它们工作而不是 Ping.

I should also mention that using PING generally isn't worthwhile because it can be blocked by many network configurations. Rather than trying to get Ping to work, you should try to get whatever it is that you actually want to work, to work. For example, if you wish to SSH into the instance or use it as a web server, try to get them working rather than Ping.

以下是使 PING 正常工作所必需的:

Here are the things that would be necessary to get PING to work:

• EC2 实例在公共子网中启动.这被定义为:
  • 具有路由表条目的子网将0.0.0.0/0定向到互联网网关(您没有提到路由问题中的表格.)
  • The EC2 instance is launched in a public subnet. This is defined as:
    • A subnet that has a Route Table entry that directs 0.0.0.0/0 to an Internet Gateway (You did not mention the Route Table in your Question.)

    因此，根据您提供的信息，您应该确认子网具有指向互联网网关的路由表.

    So, based on the information you have provided, you should confirm that the subnet has a Route Table that points to the Internet Gateway.

    这篇关于无法使用公共 IP ping AWS EC2 实例的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！