To better manage your workloads, you can configure Elastic Compute Service (ECS) instances in a virtual private cloud (VPC) to use the same elastic IP address (EIP) to access the Internet. This topic describes how to configure ECS instances that are assigned EIPs to use the same EIP to access the Internet.
Prerequisites
Source Network Address Translation (SNAT) entries are configured for the VPC in which the ECS instances are assigned EIPs. For more information, see Create a SNAT entry.
Background information

You can configure ECS instances in the VPC to use the same EIP to access the Internet by attaching an elastic network interface (ENI) to the ECS instances.

Step 1: Create an ENI
To create an ENI for an ECS instance, follow these steps:
- Log on to the ECS console.
- In the left-side navigation pane, click .
- Select the target region.
Note The ENI and the ECS instance must be in the same region.
- On the Network Interfaces page, click Create ENI.
- On the Create ENI page, configure the ENI according to the following information and click OK.
- Network Interface Name: Enter the name of the ENI.
- VPC: Select the VPC to which the ECS instance belongs.
- VSwitch: Select the VSwitch of the zone to which the ECS instance belongs.
- Primary Private IP (optional): Enter the primary private IPv4 address of the ENI. The IPv4 address must be an idle address in the CIDR block of the specified VSwitch. If you do not specify one, an idle private IPv4 address is automatically assigned to your ENI after the ENI is created.
- Security Group: Select a security group of the VPC.
- Description (optional): Enter a description for the ENI.
Step 2: Associate the ENI with the ECS instance
To attach the ENI to the ECS instance, follow these steps:
- Log on to the ECS console.
- In the left-side navigation pane, click .
- Select the target region.
- On the Network Interfaces page, find the target ENI, and click Bind to Instance in the Actions column.
- In the displayed dialog box, select the ECS instance to attach and click OK.
Step 3: Disassociate the EIP from the ECS instance
To disassociate the EIP from the ECS instance, follow these steps:
- Log on to the VPC console.
- In the left-side navigation pane, click Elastic IP Addresses.
- Select the region of the target EIP.
- On the Elastic IP Addresses page, find the target EIP and click Unbind in the Actions column.
- In the displayed dialog box, click OK.
Step 4: Associate the EIP with the ENI
To associate the EIP with the ENI, follow these steps:
- Log on to the VPC console.
- In the left-side navigation pane, click Elastic IP Addresses.
- Select the region of the target EIP.
- On the Elastic IP Addresses page, find the target EIP and click Bind in the Actions column.
- On the Bind Elastic IP Address page, associate the EIP with the ENI according to the following information and click
OK.
- IP Address: Displays the EIP.
- Instance Type: Select Secondary ENI.
- Resource Group (optional): Select the resource group to which the EIP belongs.
- Mode (optional): Select the NAT mode.
- Secondary ENI: Select the ENI to be associated.
Step 5: Test the network connectivity
- Log on to the Linux client.
- Run the
ssh root@ public IP address
command and enter the logon password of the Linux instance to check if the remote access is successful.If Welcome to Alibaba Cl oud Elastic Compute Service! is displayed, it means that the connection has been established.
- Log on to the ECS instance.
- Run the
curl https://myip.ipip.net
to view the public IP address.If the public IP address is the same as the IP address in the SNAT entry of the NAT Gateway, it means that the ECS instance accesses the Internet through the SNAT function of NAT Gateway.