Elastic Network Interfaces (ENIs) in AWS are a key component of Amazon EC2 instances, and they play a role in network connectivity and management.

- Definition: Elastic Network Interfaces (ENIs) are virtual network interface cards that you can attach to Amazon EC2 instances.
- Functionality: ENIs enable network connectivity for EC2 instances and are essential for various networking features.
- Attachment: You can attach multiple ENIs to an EC2 instance, each serving a different purpose.
- Primary ENI: Every EC2 instance is launched with a primary ENI that is created automatically.
- Additional ENIs: You can attach additional ENIs to an EC2 instance, up to the instance type’s limits.
- Use Cases: ENIs are used for various purposes, such as connecting to Virtual Private Clouds (VPCs), Elastic Load Balancers (ELBs), or Network Address Translation (NAT) gateways.
- MAC Address: Each ENI has its own unique MAC address.
- Private IP Addresses: ENIs can be assigned one or more private IP addresses from the associated subnet.
- Elastic IP Addresses: You can associate Elastic IP addresses with a specific ENI to make them persistent.
- Security Groups: ENIs can have their own security group rules to control inbound and outbound traffic.
- Network ACLs: They can also be associated with Network Access Control Lists (NACLs) for additional network security.
- Instance Termination: When an EC2 instance is terminated, all associated ENIs are automatically detached.
- ENI Types: There are two types of ENIs: standard and elastic fabric adapter (EFA) ENIs.
- Standard ENIs: Standard ENIs are used for general-purpose networking requirements.
- Elastic Fabric Adapter (EFA) ENIs: EFA ENIs are specialized for high-performance computing (HPC) and tightly coupled, low-latency workloads.
- Warm Pools: You can create warm pools of EC2 instances with pre-attached ENIs for faster scaling.
- ENI Limitations: The number of ENIs you can attach to an EC2 instance depends on the instance type and the AWS region.
- ENI Limit Increases: You can request a limit increase for ENIs if your use case requires more than the default limit.
- ENI Detach/Attach: You can detach and attach ENIs to running instances without stopping or rebooting them.
- Elastic Network Adapter (ENA): Many EC2 instances are launched with ENAs, which provide enhanced networking capabilities.
- Bonds and Bonding Modes: You can bond multiple ENIs for redundancy and increased network throughput using bonding modes like active-passive or active-active.
- Cross-VPC Attachments: You can attach an ENI from one VPC to an EC2 instance in another VPC within the same region using VPC Peering or Transit Gateway.
- ENI Monitoring: You can monitor the network performance of ENIs using Amazon CloudWatch metrics.
- ENI Lifecycle Hooks: You can use EC2 Auto Scaling lifecycle hooks to manage ENIs during scaling events.
- EC2 Launch Templates: ENIs can be specified in EC2 launch templates for consistent ENI attachment during instance creation.
- Resource Tagging: You can assign tags to ENIs for better resource management and tracking.
- Security Group Rules: ENIs can be a part of multiple security groups, allowing you to define rules more granularly.
- ENI Elastic Inference: ENIs can be used to attach Elastic Inference accelerators to EC2 instances for AI/ML workloads.
- ENI Private DNS: ENIs support private DNS resolution, allowing instances to resolve private DNS names.
- ENI Limits for Transit Gateway: When using Transit Gateway, there are specific limits on the number of ENIs that can be attached to instances in a VPC attachment.

Elastic Network Interfaces are a crucial part of configuring and managing the network connectivity of your EC2 instances in AWS, and understanding their capabilities is important for building scalable and secure architectures.
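
As an added example (not part of the original page), the following Python audit runs over a constructed sample shaped like `aws ec2 describe-network-interfaces` output and flags the attachment, Elastic IP, tagging and security group conditions from the list above. The ENI ids, the required `owner` tag and the finding labels are assumptions chosen for illustration.

```python
import json

# Constructed sample, shaped like `aws ec2 describe-network-interfaces` output.
SAMPLE = json.loads("""
{"NetworkInterfaces": [
 {"NetworkInterfaceId": "eni-0aaa", "Status": "in-use",
  "Groups": [{"GroupId": "sg-web"}],
  "TagSet": [{"Key": "owner", "Value": "web"}],
  "Attachment": {"InstanceId": "i-0111", "DeviceIndex": 0, "DeleteOnTermination": true}},
 {"NetworkInterfaceId": "eni-0bbb", "Status": "in-use",
  "Groups": [{"GroupId": "sg-web"}, {"GroupId": "sg-admin"}],
  "TagSet": [{"Key": "owner", "Value": "web"}],
  "Attachment": {"InstanceId": "i-0111", "DeviceIndex": 1, "DeleteOnTermination": false}},
 {"NetworkInterfaceId": "eni-0ccc", "Status": "available",
  "Groups": [{"GroupId": "sg-web"}], "TagSet": [],
  "Association": {"PublicIp": "203.0.113.10"}}
]}
""")

def audit_enis(doc, required_tag="owner"):
    """Return (eni_id, finding) pairs for ENIs that deserve a review."""
    findings = []
    for eni in doc.get("NetworkInterfaces", []):
        eni_id = eni["NetworkInterfaceId"]
        att = eni.get("Attachment") or {}
        public_ip = (eni.get("Association") or {}).get("PublicIp")
        tags = {t["Key"] for t in eni.get("TagSet", [])}
        if eni.get("Status") == "available":
            # Not attached to anything: candidate for cleanup.
            findings.append((eni_id, "unattached"))
            if public_ip:
                # An Elastic IP is still associated with an unused interface.
                findings.append((eni_id, "unattached-with-public-ip"))
        elif att.get("DeviceIndex", 0) > 0 and not att.get("DeleteOnTermination"):
            # Secondary ENI that stays behind once its instance is terminated.
            findings.append((eni_id, "survives-termination"))
        if required_tag not in tags:
            findings.append((eni_id, "missing-tag:" + required_tag))
        if len(eni.get("Groups", [])) > 1:
            # Effective rules are the union of every attached security group.
            findings.append((eni_id, "multiple-security-groups"))
    return findings

if __name__ == "__main__":
    for eni_id, finding in audit_enis(SAMPLE):
        print(eni_id, finding)
```
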