AWS Network Interfaces

Elastic Network Interfaces(ENI)

A virtual network interface(NIC) that connects AWS instances and resources to the VPC network. They have the following characteristics:

• IPv4 address(IPv6 Optionally)

• MAC Address

• Security Group(At least one by default but more can be added.)

When an instance is created, the IP address information configured or provided through DHCP is not attached to the instance directly but instead to the ENI. The default ENI cannot be removed from the instance but externally created ENI can be modular from the instance and can be moved and replaced for the instance.

Instances will always have at least one ENI associated. You could have more than one ENI attached. Default ENI is always attached

An ENI can have more than one IP address assigned. Other things associated to the ENI:

• auto-assigned external IP(Lives through lifecycle of the ENI and cannot be detached.)

• elastic external IP(Can move from ENI to another)

• source/dest check attribute(useful for NAT translations and asymmetrical routing.)

• security groups. By default you can have up to 5 security groups but this can be enhanced through support.

ENI’s only live within the scope of one Availability Zone.

You can attach numerous ENI’s to an instance, the number of ENI’s that can be attached are based on the size and type of instance. This information can be found at https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html#AvailableIpPerENI

Adding extra ENI’s is not a good way to increase bandwidth. NIC teaming or any type of LAG is not supported by AWS at the time of this writing(study).