Cannot ping ec2 instances in the same private subnet
I have two EC2 instances in the same private subnet. I am trying to ping the IP of one EC2 instance to the other instance but getting timeout issues.
Both instances are added to a security group. The rules of this security group are:
Inbound - All Traffic - All Traffic - <VPC CIDR>
Outbound- All Traffic - All Traffic - <VPC CIDR>
On the private subnet, there are net ACLs but these have inbound and outbound rules for:
All Traffic - All Traffic - <VPC CIDR>
I would have expected to be able to ping each of the EC2 instances that are in the same private subnet given the rules that I added.
Is there some other rule that I am missing?
Do instances within the subnet require anything else to allow communication between the instances?
Edit: Answer
The Windows firewall rules on the machine were preventing pinging between the instances. This was disabled to confirm it was the case, with the necessary rules added later.
You have to allow all ICMP traffic in your security group definition. See https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html#sg-rules-ping
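The layers this thread checks, as an added example that is not part of the original posts: a small Python model of how a security group, a network ACL and the destination's host firewall each decide on an ICMP echo request. The addresses, the `10.0.0.0/16` stand-in for `<VPC CIDR>` and all function names are assumptions made for illustration, and the model covers only the request direction.

```python
import ipaddress
from dataclasses import dataclass

ALL = "-1"  # AWS notation for the "All traffic" protocol

@dataclass
class Rule:
    protocol: str       # "-1", "icmp", "tcp", ...
    cidr: str
    allow: bool = True  # security group rules are always allow rules
    number: int = 100   # evaluation order, used by network ACLs only

def _match(rule, protocol, peer):
    in_cidr = ipaddress.ip_address(peer) in ipaddress.ip_network(rule.cidr)
    return rule.protocol in (ALL, protocol) and in_cidr

def sg_allows(rules, protocol, peer):
    # Security groups hold allow rules only; any matching rule permits the packet.
    return any(_match(r, protocol, peer) for r in rules)

def nacl_allows(rules, protocol, peer):
    # Network ACLs: lowest rule number first, first match decides, otherwise deny.
    for r in sorted(rules, key=lambda r: r.number):
        if _match(r, protocol, peer):
            return r.allow
    return False

def first_block(src, dst, dst_subnet, sg_out, sg_in, nacl_out, nacl_in, host_allows_echo):
    """Name the first layer that drops an ICMP echo request from src to dst."""
    if not sg_allows(sg_out, "icmp", dst):
        return "security group (outbound)"
    # NACLs are evaluated at the subnet boundary, not for traffic inside one subnet.
    if ipaddress.ip_address(src) not in ipaddress.ip_network(dst_subnet):
        if not nacl_allows(nacl_out, "icmp", dst):
            return "network ACL (outbound)"
        if not nacl_allows(nacl_in, "icmp", src):
            return "network ACL (inbound)"
    if not sg_allows(sg_in, "icmp", src):
        return "security group (inbound)"
    if not host_allows_echo:
        return "host firewall on destination"
    return None

# Constructed sample mirroring the question; 10.0.0.0/16 stands in for <VPC CIDR>.
VPC, SUBNET, A, B = "10.0.0.0/16", "10.0.1.0/24", "10.0.1.10", "10.0.1.20"
ALL_FROM_VPC = [Rule(ALL, VPC)]

def diagnose(host_allows_echo):
    return first_block(A, B, SUBNET, ALL_FROM_VPC, ALL_FROM_VPC,
                       ALL_FROM_VPC, ALL_FROM_VPC, host_allows_echo)
```

With the question's rules, `diagnose(False)` names the host firewall as the only layer left to drop the request, and `diagnose(True)` returns `None`.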