A theoretic question :
If i have a cloud account in amazon EC2, (or at all...)
and i access an instance from another instance by its public IP and not its Private IP,
Will it make a difference ? will the routers/switches know that they are in the same network or will the information go outside and inside again ?
Thanks!
If you connect via public DNS. EC2 automatically resolves it to an internal IP within ec2 and external IP outside of ec2. The form of the public DNS follows a simple pattern that incorporates the public IP.
Related
The use case is the following:
Private network for the GCP project
VPN on the local computer that seems to be blocking SSH connections
A VM that has a webapp to be accessed but we don't want to expose the IP to the public network
What are the best practices to keep it private and to access it eg. with OAuth authentication?
What are the steps to make and to follow?
Appreciate your help with this.
There are several methods in Google Cloud. The second method is the recommended method based upon the requirements in your question.
If the users have defined public IP addresses, use Google Cloud VPC firewall rules to only allow access from approved IP addresses.
Do not assign a static public IP address to the instance. Add an HTTP(S) Load Balancer and enable IAP. Add each user's identity to IAP for identity-based access control.
Additional methods suitable for developers:
My favorite is to use WireGuard (VPN) and use peer-based access control.
So, I have two instances on Linode. Both of them came with a public IP and a private IP. I'm using one instance as my application backend and other as database server. Now I'm wondering by which IP it is better to connect to the database instance from backend one. Will there be any speed difference even in micro second scale?
In the "micro second scale", possibly, depending on how the network is configured. More importantly though, using the private IP is safer. Given the opportunity, you should never have a database serving on a public IP address.
Me and my 3 friends want to connect our computers through a VPN with each other. We thought of using Tinc for our purpose. While I understood most of the part of setting up but what I'm unable to get is the Public IP of my computer. Tinc requires the Public IP of at least one of the hosts for it to initiate connection. I tried going on the internet to find my Public IP but different websites are giving me different results. What should I put in the configuration file for my Public IP?
EDIT
Specifically we have a Raspberry Pi which is with me currently. We want everyone of us to be able to access the device. I installed Tinc on the Pi and then I don't know what to do for the Public IP. I'm using SSH to control the Raspberry Pi. So please tell me how to find the public address of the Pi through SSH.
You can find your Public IP address by using one of these methods.
Open Google and type "What's my IP". Google displays your Public IP address in the result.
Go to What Is My IP to find out your Public IP.
Since you're using the command line, I would recommend this: execute curl ipinfo.io/ip command and your Public IP will be displayed.
If your router does not reboot, you public IP is not supposed to change. So, if you go on a website like this one, you should have your public IP displayed.
I have two environments on jelastic 4.7. On one of them I have a Java Stack and a Redis server that need to be kept private without a public IP address. On the other environment, I have a Node.js Stack that have a Public IP.
So, Im searching the docs exhaustively and can't find the answer to the question.
Can I access the private IP and port of my Redis from the node app?? Every node on Jelastic has a local ip address. Can I access those between environments??
I think it's a simple question. I'm trying to avoid the overhead of creating a public IP Address for Redis.
Can I access the private IP and port of my Redis from the node app??
Every node on Jelastic has a local ip address. Can I access those
between environments??
Yes, you can connect to different nodes of different environments using just a local IP within one hosting provider or its regions (depends on providers setup). Also, you can use Endpoints in order to connect to local IPs of other providers or to the regions within one provider, if direct connection can't be established.
Besides that, you can use, for example, CNAME of database instead of a local IP.
I am setting up a VPC on Amazon AWS using Scenario 2: VPC with Public and Private Subnets.
In the "Adding Rules to the WebServerSG Security Group" section, it specifies to set an inbound SSH rule, specifying allowed sources to be: "Your network's public IP address range".
I have an elastic IP address assigned to my NAT EC2 device. When I created my public web server (in the public subnet) I also assigned a public IP address to it (as part of the wizard). This does not appear in my elastic IP list for some reason (although I believe them to be the same thing right?). They are are not contiguous addresses.
I am not sure exactly what is supposed to happen here. Am I supposed to be able to ssh into the web server in the public subnet? Why would I specify that the only source to be able to ssh into the web server is my network's public IP address range? When I set the allowable source address to either of the public IPs, my connection is refused. Am I supposed to be SSH-ing somewhere else.
Could someone please explain to me exactly how this setup is supposed to work, in terms of how I am supposed to be SSH-ing into the instances remotely?
"Your network's public IP address range" means the network where you are -- not EC2... it refers to the public IP address or range of the computer where you're sitting now, your office network, your home network, any network where your traffic will be be coming from when you want to access the EC2 machines remotely to administer them.