6:[["$","$Le",null,{}],["$","div",null,{"className":"min-h-screen bg-gray-100 p-6","children":[["$","$Lf",null,{}],["$","script",null,{"type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"{\"@context\":\"https://schema.org\",\"@type\":\"QAPage\",\"mainEntity\":{\"@type\":\"Question\",\"name\":\"DNS resolution in aws from EC2\",\"text\":\"

If spinned up an EC2 instance in a vpc, I removed all outbound rules for security group of EC2, when I ping any public domain like google.com, Facebook.Com from server, still its getting the ip address of domain(similarly pinging Google.com {ipaddress} with 32 bytes of data). From where does instance gets ip address of domain and on which port? even though I blocked all outbound rules of security group?

\\n\",\"author\":{\"@type\":\"Person\",\"name\":\"Venkatesh \"},\"upvoteCount\":1,\"answerCount\":1,\"acceptedAnswer\":null}}"}}],["$","div",null,{"className":"bg-white shadow-md rounded-lg p-6 mb-6 relative","children":[["$","div",null,{"className":"absolute top-4 right-4 flex flex-wrap space-x-2","children":[["$","span","amazon-web-services",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/amazon-web-services/1","children":"amazon-web-services"}]}],["$","span","dns",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/dns/1","children":"dns"}]}],["$","span","ping",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/ping/1","children":"ping"}]}],["$","span","amazon-route53",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/amazon-route53/1","children":"amazon-route53"}]}],["$","span","amazon-vpc",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/amazon-vpc/1","children":"amazon-vpc"}]}]]}],["$","div",null,{"className":"flex items-center mb-4","children":[["$","img",null,{"src":"https://lh3.googleusercontent.com/a-/AOh14GhWmIayylyrWRL3ZoDTnitKS8OI3fOcUcdJJTBw=k-s256","alt":"Venkatesh ","className":"w-16 h-16 rounded-full border"}],["$","div",null,{"className":"ml-4","children":[["$","a",null,{"href":"https://stackoverflow.com/users/13908069/venkatesh","target":"_blank","rel":"noopener noreferrer","className":"text-lg font-semibold text-blue-600 hover:underline","children":"Venkatesh "}],["$","p",null,{"className":"text-sm text-gray-500","children":["Reputation: ",59]}]]}]]}],["$","h1",null,{"className":"text-2xl font-bold text-gray-800 mb-4","children":"DNS resolution in aws from EC2"}],["$","p",null,{"className":"text-gray-700 mt-4","dangerouslySetInnerHTML":{"__html":"

\n"}}],["$","div",null,{"className":"text-gray-600 text-sm mt-4","children":[["$","p",null,{"children":["Upvotes: ",1]}],["$","p",null,{"children":["Views: ",2951]}]]}]]}],["$","div",null,{"className":"container mx-auto","children":[["$","h2",null,{"className":"text-2xl font-semibold text-gray-800 mb-6","children":["Answers (",1,")"]}],[["$","div","64082683",{"className":"bg-white shadow-md rounded-lg p-6 mb-6","children":[["$","div",null,{"className":"flex items-center mb-4","children":[["$","img",null,{"src":"https://www.gravatar.com/avatar/8648256cc53b261c5e1d266380a256fc?s=256&d=identicon&r=PG","alt":"jarmod","className":"w-12 h-12 rounded-full border"}],["$","div",null,{"className":"ml-4","children":[["$","a",null,{"href":"https://stackoverflow.com/users/271415/jarmod","target":"_blank","rel":"noopener noreferrer","className":"text-lg font-semibold text-blue-600 hover:underline","children":"jarmod"}],["$","p",null,{"className":"text-sm text-gray-500","children":["Reputation: ",78693]}]]}]]}],["$","p",null,{"className":"text-gray-700 mb-4","dangerouslySetInnerHTML":{"__html":"

AWS security groups and network ACLs don't filter traffic to or from:

AWS reserved IPv4 addresses (these are the first four IPv4 addresses of the subnet, including the Amazon DNS server address for the VPC)
link-local addresses (169.254.0.0/16)

The Amazon-supplied VPC DNS server is at the VPC subnet CIDR base +2 address (e.g. 10.0.0.2 if your VPC subnet CIDR is 10.0.0.0).

See Internetwork traffic privacy in Amazon VPC.

\n"}}],["$","div",null,{"className":"text-gray-600 text-sm","children":["$","p",null,{"children":["Upvotes: ",3]}]}]]}]]]}],["$","div",null,{"className":"bg-white shadow-md rounded-lg p-6 mt-6","children":[["$","h2",null,{"className":"text-2xl font-semibold text-gray-800 mb-4","children":"Related Questions"}],["$","ul",null,{"className":"list-disc list-inside","children":[["$","li","63507563",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/63507563","className":"text-blue-600 hover:underline","children":"AWS Route-53 DNS Server IP Address"}]}],["$","li","60906791",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/60906791","className":"text-blue-600 hover:underline","children":"DNS names within VPN VPC"}]}],["$","li","55284012",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/55284012","className":"text-blue-600 hover:underline","children":"AWS Route 53 DNS - IP address could not be found"}]}],["$","li","35942007",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/35942007","className":"text-blue-600 hover:underline","children":"Domain name and route53 issue"}]}],["$","li","31311374",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/31311374","className":"text-blue-600 hover:underline","children":"Route 53 Amazon DNS lookup fail"}]}],["$","li","47626074",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/47626074","className":"text-blue-600 hover:underline","children":"Unable to resolve Private Hosted Zone in VPC"}]}],["$","li","44015228",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/44015228","className":"text-blue-600 hover:underline","children":"AWS Route 53 not resolving to Elastic IP"}]}],["$","li","36051984",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/36051984","className":"text-blue-600 hover:underline","children":"Route53 DNS name from private VPC EC2 DNS name"}]}],["$","li","33140657",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/33140657","className":"text-blue-600 hover:underline","children":"Domain name not showing up in DNS"}]}],["$","li","17371286",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/17371286","className":"text-blue-600 hover:underline","children":"domain won't resolve to aws ec2 - using route 53 and elastic ip"}]}]]}]]}]]}],["$","$L11",null,{}],["$","$L12",null,{}],["$","$L13",null,{}],["$","$L14",null,{}],["$","$L15",null,{}]]

DNS resolution in aws from EC2

Answers (1)

Related Questions