A Discussion of Public and Private DNS Addresses on EC2

This week I’ll focus on a more general topic, not only relevant to ScaleBase.
Since many of our customers are running on EC2 we quickly run into issues of network configuration, security and costs. So – we have gathered some extensive knowledge in the many ins and outs of the EC2 environment. Today I’ll discuss the topic of public and private DNS addresses in EC2.
Each instance has 2 DNS entries associated with it. One is public, and is accessible from any computer on the internet. The second is a private DNS address, and is only accessible from within the specific EC2 region it’s defined in (no matter which availability zone you’re using).

The thing is that using public networking in EC2 costs money. And if you don’t want to pay this money – it’s natural to assume you have to use the private DNS.
Turns out that this is not the case. You can use the public DNS address in the region you use, and still get the private IP address from the DNS server. You can read it here, and it’s easily tested – just run a ping from another machine in the same region, and use the public and private DNS addresses. You’ll see the same IP address!

This is great for replicating your environment across regions, and while I still recommend people to use internal DNS address (you never know when Amazon will change this behavior) – it’s perfectly safe to use a public DNS address.