AWS service to setup port forwarding from Elastic IP to EC2 instances

amazon-ec2 amazon-web-services port-forwarding amazon-elastic-ip

8,497

How strict is the Elastic IP requirement?

What you're describing is an Elastic Load Balancer (ELB). Unfortunately, these don't work with Elastic IPs.

ELBs can balance HTTP traffic and offload the SSL part of HTTPS traffic. They can also do plain TCP balancing which is what you're describing in the question. They can "stick" to an instance, even if it is rebooted and gets a new IP address.

If it must be an Elastic IP, IPTables would be the tool I'd use and the instructions for that are no different within Amazon EC2 than anywhere else. You will have to reconfigure IPTables every time any of your back-end instances reboots and gets a new IP address (unless your instances are in a Virtual Private Cloud (VPC), which I would highly recommend if you go down the IPTables route.)

8,497

David Winter

Software Engineer. Tunbridge Wells. European 🇪🇺

Updated on September 18, 2022

Comments

David Winter almost 2 years

Is there an AWS service (rather than creating an instance, and doing something via iptables?) that will allow me to use the API to set up port forwarding from a single Elastic IP address, onto multiple EC2 instances.

Say I have the Elastic IP 54.345.67.89. When I create an EC2 instance, rather than assign it it's own Elastic IP, I'd like to create a new port for the Elastic IP address and forward on traffic from that port to a port on the new instance.

So, 54.345.67.89:25600 would forward onto -> 10.123.456.78:25600

Then if I create another instance, I'd be able to use create another port that the Elastic IP would use to forward onto that new instance:

54.345.67.78:25601 would forward onto -> 10.123.456.79:25600
David Winter over 11 years

Thanks - I don't really need traffic to be balanced though, just specific ports forwarding onto specific instances. Can I still use ELB for that? Is that what you mean by 'stick' to an instance?
David Winter over 11 years

Having looked at ELB, doesn't look like you can assign ports in the ELB to a specific instance. It does just balance it out - which is what I gathered previously. IPTables sounds like the solution, though it's just not as easy to setup or manage as I'd have hoped.
Ladadadada over 11 years

You would need one ELB for each back-end, otherwise it would balance connections across all of them. Presumably, this is all in aid of cost-reduction. You might have to check the prices to make sure this is worthwhile doing.
David Winter over 11 years

That's correct. The instances won't always be running, and I don't want a bunch of Elastic IP's sitting around, not being associated to instances while they're turned off. If I can just have the one Elastic IP and port forward onto the private IP addresses, that'd be great. If I had an ELB per instance, I don't think that'd save me much in terms of money or cost to manage.