By Vikram Godse, Solutions Architect
Initially each Alibaba Cloud Elastic Network Interface (ENI) could have only a single Private IP Assigned to it. One could assign multiple Network Cards to an instance depending on the Instance type. However, we have a new functionality that will allow assigning of Multiple Private IP's to one ENI. In addition, we can use the NAT Gateway to Map an Elastic IP to every Private IP that is assigned to an ENI. This allows having multiple EIP's assigned to an Elastic Compute Service (ECS) Instance in NAT Mode.
A common requirement when building a cloud environment is to have multiple Elastic IPs (EIPs) assigned to a single ECS Instance. This document explains how you can configure this Multi-EIP to ENI mapping for an ECS Instance using NAT Gateway's DNAT configuration.
For the purpose of this document:
The following CLI command will assign multiple private IPs to a single ENI
aliyuncli ecs AssignPrivateIpAddresses --AccessKeyId xxxxxxxxxxxxxxxxxx --AccessKeySecret nnnnnnnnnnnnnnnnnnnnn --NetworkInterfaceId eni-d7o0bbec73w53nxctkaz --SecondaryPrivateIpAddressCount 8Once the IP Addresses are assigned to the Interface. These need to be activated from the Operating System, CentOS in this case. Use the following command to activate the Private IP Addresses
ifconfig eth0:1 172.16.0.118 netmask 255.255.255.0 upActivate all the IP's and you should see them in the OS when you run the ifconfig command
Set up a NAT Instance and purchase Bandwidth. One bandwidth package can assign up to 50 Public IP Addresses. However this is a soft limit and can be increased.
Now configure DNAT to map each Public IP to a corresponding Private IP as follows
The following is a summary of the Network Interfaces, the Private IPs and the Public IPs mapped to them
The following instance is available in the London Region where we have assigned the Private IPs.
CPANEL supports configuration of EIP configuration in a 1:1 NAT Mode.
CPANEL is configured on the instance. However in CPANEL we can only see the Public NAT IP of the Primary Interfaces eth0, eth1, eth2, eth3 but not of the virtual interfaces eth0:1, eth0:2, eth0:3 etc.
For virtual interfaces configured via the ECS instance's OK, we can run a command like this one:
ifconfig eth0:1 172.16.0.118 netmask 255.255.255.0 upIf you try to access the CPANEL console with the NAT IP of the Virtual Interface, it works. However CPANEL is unable to see the Public NAT IPs assigned to the virtual interfaces automatically.
To allow CPANEL to see all the NAT Public IPs, in CPANEL there is file called /var/cpanel/cpnat where you can configure the NAT IPs mapping to the Public IPs as follows:
Once the cpnat file is updated, the updated NAT Public IP's can now be seen in the CPANEL interface. Click on "Validate" to confirm the routing: a "tick mark" shows that the mapping is valid (as below):
In this document we have shown how to configure multiple EIPs to map to one or more private IP addresses using NAT Gateway.
Thus we can now map multiple Private IP addresses to one ENI (network interface) and using the NAT Gateway we can then map multiple Public IPs to the corresponding Private IPs of our ENIs, and these Public IPs can then be seen from within CPANEL.
Some limitations to be aware of:
Supporting Pre-Peak Scale-up and Post-Peak Scale-Down with DBFS
2,599 posts | 762 followers
FollowAlibaba Clouder - February 8, 2021
Alibaba Clouder - January 25, 2021
Alibaba Clouder - April 13, 2021
Alibaba Clouder - February 25, 2020
Alibaba Cloud Community - February 9, 2022
Marketplace - August 18, 2020
2,599 posts | 762 followers
Follow
NAT(NAT Gateway)
A public Internet gateway for flexible usage of network resources and access to VPC.
Learn More
ECS(Elastic Compute Service)
Elastic and secure virtual cloud servers to cater all your cloud hosting needs.
Learn More
VPC
A virtual private cloud service that provides an isolated cloud network to operate resources in a secure environment.
Learn MoreMore Posts by Alibaba Clouder