An Elastic Network Interface (ENI) is a virtual network interface that can be attached to an ECS instance in a VPC. You can use ENIs to deploy high-availability clusters and perform low-cost failovers and fine-grained network management.

Scenarios

ENIs are suitable for:
  • Deploying high-availability clusters

    Multiple ENIs can be attached to an ECS instance, implementing a high-availability architecture.

  • Providing low-cost failover solutions

    You can detach an ENI from a failed ECS instance and attach the ENI to another instance to redirect traffic destined for the failed instance to the backup instance. This allows quick recovery of services.

  • Managing networks with refined controls

    You can configure multiple ENIs for an instance. For example, you can use some ENIs for internal management and other ENIs for Internet business access to isolate confidential data from business data. You can also configure specific security group rules for each ENI based on the source IP addresses, protocols, ports, and more to achieve traffic control.

  • Configuring multiple private IP addresses for one instance

    You can assign multiple private IP addresses to the ENIs that are attached to ECS instances. The maximum number of private IP addresses that can be assigned varies with the instance type. Up to 20 private IP addresses can be assigned to an ENI that is attached to an instance.

  • Configuring multiple public IP addresses for one instance

    An ECS instance with no ENI attached can be assigned only one public IP address. You can assign multiple public IP addresses to an instance by associating Elastic IP addresses (EIPs) to one or more ENIs of the instance. EIPs can be bound with the private IP addresses of an ENI in NAT mode.

ENI types

ENIs are classified into two types:

  • Primary ENIs

    A primary ENI is the ENI that is automatically created when an instance in a VPC is created. The life cycle of the primary ENI is the same as that of the instance, and you cannot detach the primary ENI from the instance.

  • Secondary ENIs
    You can create a separate secondary ENI that can be freely attached and detached.
    Note For the instances whose images cannot identify secondary ENIs, log on to the instance to configure the ENIs. For more information, see Configure an ENI.

ENI attributes

The following table describes the attributes of an ENI.
Attribute Quality
Primary private IP address 1
Secondary private IP address 1 or more. The maximum number of secondary private IP addresses that can be associated to an ENI depends on the instance type. For more information, see Instance families.
EIP 1 or more. The maximum number of EIPs that can be associated to an ENI depends on the associating mode. For more information, see Overview for associating an EIP with a secondary ENI.
MAC address 1
Security group 1 to 5
Network instance name 1

Limits

  • A limited number of ENIs can be created for one account in each region. For more information, see the ENI limits section of Limits.
  • The ECS instance and the secondary ENI you want to attach must be in the same zone and region, but can belong to different VSwitches and security groups.
  • The number of secondary ENIs that can be attached to an ECS instance depends on the instance type.
  • Only I/O-optimized instance types support ENIs.
  • ECS instances in a classic network do not support ENIs.
  • The instance bandwidth varies with the instance type. You cannot increase the bandwidth of an ECS instance by attaching multiple ENIs to the instance.

Console operations

You can perform the following operations in the ECS console:

API operations

You can perform the following operations through the API: