ENI - logical virtual network card
- can create, configure and attach to an EC2 instance
- configuration is bound to the ENI, not the instance it is attached to, meaning an ENI can be detached from an instance and reattached to another while retaining the configuration, e.g. private IP, elastic IP, MAC address
- when you create an EC2 instance it comes configured with a PNI that cannot be removed or detached from it, labelled Eth0
- occasions arise where you need your instances to have multiple network interfaces. This second network interface can be configured with a private IP to handle different traffic from a different subnet
- all traffic flowing through ENIs can be captured using VPC Flow Logs
- the quantity of ENIs depends on instance type
Can't really understand the usefulness of secondary ENI?
Separate data flow from control flow. If you want to see who ssh'ed into the instance and when, for example, you will check it via the secondary ENI.
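An added example, not part of the original comments: the notes above say ENI traffic can be captured with VPC Flow Logs, and the reply suggests checking SSH access on a secondary ENI. The sketch below filters default-format (version 2) flow log records for inbound TCP/22 on one ENI, giving source address, time and action. The ENI IDs, account ID, addresses and the names `ssh_sessions` and `parse` are constructed for illustration.

```python
from collections import namedtuple
from datetime import datetime, timezone

# Field order of the default (version 2) VPC Flow Logs record.
FIELDS = ("version account_id interface_id srcaddr dstaddr srcport dstport "
          "protocol packets bytes start end action log_status").split()
FlowRecord = namedtuple("FlowRecord", FIELDS)

# Constructed sample records; account ID, ENI IDs and addresses are made up.
SAMPLE = """\
2 123456789012 eni-0aaa1111bbbb2222c 10.0.9.15 10.0.2.20 49152 22 6 24 4210 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0aaa1111bbbb2222c 10.0.9.15 10.0.2.20 49153 22 6 12 1900 1700000300 1700000360 ACCEPT OK
2 123456789012 eni-0aaa1111bbbb2222c 198.51.100.7 10.0.2.20 50500 22 6 3 180 1700000400 1700000460 REJECT OK
2 123456789012 eni-0ddd3333eeee4444f 10.0.1.8 10.0.1.20 41000 443 6 40 9000 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0aaa1111bbbb2222c 10.0.2.20 10.0.9.15 22 49152 6 20 3900 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0aaa1111bbbb2222c - - - - - - - 1700000500 1700000560 - NODATA
"""

def parse(line):
    """Return a FlowRecord, or None for malformed, NODATA or SKIPDATA lines."""
    parts = line.split()
    if len(parts) != len(FIELDS) or parts[-1] != "OK":
        return None
    return FlowRecord(*parts)

def ssh_sessions(log_text, mgmt_eni, mgmt_ip):
    """Inbound TCP/22 flows seen on the management ENI, as (time, src, action)."""
    hits = []
    for rec in filter(None, map(parse, log_text.splitlines())):
        # Match on destination address and port so return traffic is excluded.
        if (rec.interface_id == mgmt_eni and rec.dstaddr == mgmt_ip
                and rec.protocol == "6" and rec.dstport == "22"):
            when = datetime.fromtimestamp(int(rec.start), tz=timezone.utc)
            hits.append((when.isoformat(), rec.srcaddr, rec.action))
    return hits

if __name__ == "__main__":
    for when, src, action in ssh_sessions(SAMPLE, "eni-0aaa1111bbbb2222c", "10.0.2.20"):
        print(when, src, action)
```

Flow logs record addresses, ports and the accept/reject decision, not the login name; the user identity comes from the instance's own auth logs.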
Concise and very informative video. Helped me to understand ENI. Thank you very much.
Visuals & presentation are exceptional
Thank you Chandramouli!
Thanks a lot, that was very useful. I finally understood ENIs.
Great video. Crystal clear.
Thank you Michele!
Guys, do any of you know why you would need or have a secondary network interface card when you have the primary interface card? I know of dual ethernet cables to maximise throughput in traditional computing/servers - but not getting why you would need a secondary NIC in the cloud ...
Hi Zia, that's a great question. Secondary NICs can be used for a variety of reasons; probably the most common is to create a separate management network, whereby each NIC in each of your instances shares an IP address of a different subnet to which you could forward management traffic. Other use cases include using network and security appliances in your VPC, creating dual-homed instances with workloads/roles on distinct subnets, or creating a low-budget, high-availability solution. For more information on all of these, take a look at the following AWS document here: docs.aws.amazon.com/AWSEC2/latest/UserGuide/scenarios-enis.html
Thanks! Very good, straightforward video
Thank you Walter!
Why can't I attach the ENI I created to multiple instances? I'm thinking that if you want your instances to communicate in the same private subnet, you use an ENI and attach your instances to it. Is that not the purpose?