Amazon RDS Endpoint internal

Question

How can I make ec2 instance communicate with rds instance on aws by internal ip address or dns? I only see public dns like xxx.cehmrvc73g1g.eu-west-1.rds.amazonaws.com:3306 Will internal ipaddress will be faster than public dns?

Thanks

Answer 1

Check out the AWS EC2 docs: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-instance-addressing.html#concepts-private-addresses.

It doesn't appear that this necessarily applies to RDS, however.

Answer 2

A note for posterity, ensure that you enable DNS on the VPC Peering link!

Enabling DNS Resolution Support for a VPC Peering Connection

To enable a VPC to resolve public IPv4 DNS hostnames to private IPv4 addresses when queried from instances in the peer VPC, you must modify the peering connection.

Both VPCs must be enabled for DNS hostnames and DNS resolution.

To enable DNS resolution support for the peering connection

1. Open the Amazon VPC console at https://console.aws.amazon.com/vpc/.

2. In the navigation pane, choose Peering Connections.

3. Select the VPC peering connection, and choose Actions, Edit DNS Settings.

4. To ensure that queries from the peer VPC resolve to private IP addresses in your local VPC, choose the option to enable DNS resolution for queries from the peer VPC.

5. If the peer VPC is in the same AWS account, you can choose the option to enable DNS resolution for queries from the local VPC. This ensures that queries from the local VPC resolve to private IP addresses in the peer VPC. This option is not available if the peer VPC is in a different AWS account.

6. Choose Save.

7. If the peer VPC is in a different AWS account, the owner of the peer VPC must sign into the VPC console, perform steps 2 through 4, and choose Save.

Answer 3

You can use the "Endpoint" DNS name. It will resolve to the internal IP when used within the VPC and resolves to a public ip when used outside of your AWS network. You should never use the actual IP address because the way the RDS works it could possibly change in the future.

If you ping it from your EC2 (on the same VPC) server you can verify this.

It is amazing to see the amount of down votes I've got given that my answer is the only correct answer, here is 2 other sources:

https://forums.aws.amazon.com/thread.jspa?threadID=70112

You can use the "Endpoint" DNS name. It will resolve to the internal IP when used within EC2.

https://serverfault.com/questions/601548/cant-find-the-private-ip-address-for-my-amazon-rds-instance2

The DNS endpoint provided in the AWS console will resolve to the internal IPs from within Amazon's network.

Answer 4

When resolving your RDS instance from within the same VPC the internal IP is returned by the Amazon DNS service.

If the RDS instance is externally accessible you will see the external IP from outside the VPC. However, if the EC2 instance NOT available publiclly the internal IP address is returned to external and internal lookups.

Will internal ip address will be faster than the external address supplied by public dns? Most likely as the packets will need to be routed when using the external addresses, increasing latency.

It also requires that your EC2 instances have a public IP or NAT gateway along with appropriate security groups and routes, increasing cost, increasing complexity and reducing security.

Answer 5

its pretty easy, telnet your RDS endpoint using command prompt on windows or through unix terminal

for example: telnet "you RDS endpoint" "Port"

trying to connect "You get your RDS internal IP here"