1

I have created a Linux node on an Amazon (AWS) machine. I can ssh into the node, but I cannot ping its public IPv4 address. What should I do to fix this issue?

Works:

ssh -v -i "my_pem.pem" ubuntu@<AmazonNode's_IP>

Does not work (returns 100% failure):

ping <AmazonNode's_IP>

I have also added the following setting from https://stackoverflow.com/a/30544572/2402577, but it did not help.


Please note that when I did this setting, I can ping from another Amazon node to an Amazon node. But from a non-Amazon node I still cannot ping the Amazon node.

Thank you for your valuable time and help.

Community
alper

1 Answer

5

ICMP port is closed by default on AWS instances. You need to enable it in a security group.

markdwhite
  • Is it possible to do it via the terminal, or should I use AWS's web interface? @markdwhite – alper Apr 05 '17 at 11:53
  • ICMP does not use ports; it is a separate protocol on top of IP, but different from either TCP or UDP. That said, the answer is probably correct in the sense that AWS instances are configured to ignore incoming ICMP packets. – chepner Apr 05 '17 at 12:07
  • @Avatar I believe AWSCLI does everything now, including some things you can't do in the dashboard, so it's probably down to your preference. Create a new Security Group with Custom ICMP Rule with Echo Reply (as chepner said, it's not really a protocol over a port) and that should do it. – markdwhite Apr 05 '17 at 12:27
  • I have updated my question based on your guidance, but I am still facing the same problem. Thank you. @markdwhite – alper Apr 05 '17 at 12:31
  • Interesting observation: after I applied the setting in my question, I can ping from another Amazon node to an Amazon node. But from a non-Amazon node (my laptop) I still cannot ping the Amazon node. @markdwhite – alper Apr 05 '17 at 15:03
  • 1
    @Avatar - here's more detailed information that might help http://stackoverflow.com/questions/21981796/cannot-ping-aws-ec2-instance – markdwhite Apr 06 '17 at 01:53
  • I already followed that guide but it did not help. Thank you for your help, though. Please note that when I did this setting, I can ping from another Amazon node to an Amazon node. But from a non-Amazon node I still cannot ping the Amazon node. @markdwhite – alper Apr 06 '17 at 05:02
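
An added example, not part of the original thread: a small Python check that reads security-group rules in the JSON shape printed by `aws ec2 describe-security-groups` and reports whether an inbound ping (ICMP Echo Request, type 8) from a given source address is admitted. The sample rules, group ID and addresses are constructed placeholders; they show one configuration in which ping works from inside AWS but not from outside, and are not a diagnosis of the asker's setup.

```python
import ipaddress
import json

ECHO_REQUEST = 8  # ICMP type sent by ping; Echo Reply is type 0

# Constructed sample in the shape printed by
# `aws ec2 describe-security-groups --group-ids <sg-id>`; all values are placeholders.
SAMPLE = json.loads("""
{"SecurityGroups": [{"GroupId": "sg-EXAMPLE", "IpPermissions": [
  {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
   "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []},
  {"IpProtocol": "icmp", "FromPort": 0, "ToPort": -1,
   "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []},
  {"IpProtocol": "icmp", "FromPort": 8, "ToPort": -1,
   "IpRanges": [{"CidrIp": "172.31.0.0/16"}], "UserIdGroupPairs": []}
]}]}
""")


def rule_covers_echo_request(perm):
    """True if the rule's protocol/type fields cover ICMP Echo Request."""
    if perm["IpProtocol"] == "-1":  # "all traffic" rule
        return True
    if perm["IpProtocol"] != "icmp":
        return False
    # For ICMP rules, FromPort holds the ICMP type and ToPort the code; -1 = any.
    return (perm.get("FromPort") in (-1, ECHO_REQUEST)
            and perm.get("ToPort") in (-1, 0))


def ping_allowed(groups, source_ip):
    """Return the GroupIds whose inbound IPv4 CIDR rules admit a ping from source_ip.

    Rules whose source is another security group (UserIdGroupPairs) are not
    matched here, because they cannot be evaluated from an IP address alone.
    """
    src = ipaddress.ip_address(source_ip)
    hits = []
    for sg in groups["SecurityGroups"]:
        for perm in sg.get("IpPermissions", []):
            if not rule_covers_echo_request(perm):
                continue
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            if any(src in ipaddress.ip_network(c, strict=False) for c in cidrs):
                hits.append(sg["GroupId"])
                break
    return hits


if __name__ == "__main__":
    for ip in ("172.31.5.9", "198.51.100.7"):  # in-VPC host vs. outside host
        print(ip, "->", ping_allowed(SAMPLE, ip) or "blocked by security group")
```

When adding the missing rule, scoping the Echo Request source to the address you ping from (a /32) rather than `0.0.0.0/0` keeps the instance from answering pings from the whole internet.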