All Products
Search
Document Center

Elastic Compute Service:ECS instance IP addresses

Last Updated:May 15, 2026

ECS instances in a VPC use private IPv4, public IPv4, and optionally IPv6 addresses for internal and Internet communication.

Private IP addresses

Private IP addresses refer to private IPv4 addresses not reachable over the Internet, used for communication between ECS instances and internal resources. They are assigned via DHCP and must fall within the vSwitch CIDR block. The number of private IPv4 addresses per elastic network interface (ENI) varies by instance type. See the Private IPv4 Addresses per ENI metric in Instance families.

Key points about private IPv4 addresses:

  • Each instance has one primary private IPv4 address on the primary ENI, assigned from the vSwitch CIDR block at instance creation. If not specified, Alibaba Cloud auto-assigns one. The primary private IPv4 address cannot be reclaimed until the instance is released. To change it, see Modify a private IP address.

  • You can assign secondary private IPv4 addresses to an instance automatically or manually. Secondary addresses can be reclaimed and reassigned but not modified after assignment. Manual configuration is required after assignment. See Secondary private IPs.

  • Private IPv4 addresses are retained across stop/start cycles and reclaimed when the instance is released.

Public IP addresses

Public IP addresses refer to public IPv4 addresses that enable Internet communication. To use one, purchase public bandwidth for the instance.

VPC-type ECS instances support static public IP addresses and elastic IP addresses (EIPs).

IPv6 addresses

After you enable IPv6, Alibaba Cloud assigns IPv6 CIDR blocks to VPCs from the address pool (you cannot specify them). vSwitches in IPv6-enabled VPCs also support IPv6 CIDR blocks. You can enable IPv6 when creating a vSwitch or for an existing one. See Create and manage vSwitches. IPv6 addresses must fall within the vSwitch IPv6 CIDR block. The number of IPv6 addresses per ENI varies by instance type. See the IPv6 addresses per ENI metric in Instance families.

IPv6 addresses are globally unique. By default, they support only private access. To enable Internet access, enable IPv6 Internet bandwidth.

  • You can assign multiple IPv6 addresses to the primary ENI during instance creation.

  • After instance creation, you can assign IPv6 addresses to attached ENIs.

After assignment, configure the IPv6 address in the instance operating system for it to take effect.

IPv6 addresses can be unassigned and reassigned before instance release. They are retained across stop/start cycles and released when the ENI is released.

View the IP addresses of an instance

View IP addresses in the ECS console or from within the instance. Ensure consistency between the two; mismatches can cause communication failures, invalid security group rules, or management issues.

View in the console

  1. Log in to the ECS console.

  2. In the left-side navigation pane, choose Instances & Images > Instance.

  3. In the upper-left corner of the page, select a region and resource group.地域

  4. On the Instance page, click the target instance ID to open Instance Details. View the IP addresses:

    • In the Configuration Information section:

      • Public IP Address: 47.98.XX.XX

      • Elastic IP Address: 121.41.XX.XX

      • Primary Private IP Address: 192.168.XX.XX

    • In the Associated Resources section:

      • Secondary Private IP Address: 192.168.XX.XX,192.168.XX.XX

      • IPv6 Address: 2408:XXXX:325:a216:95f1:3dd9:6640:8b9e

    Note

    Fields appear empty if the instance lacks a static public IP address, secondary private IP address, IPv6 address, or associated EIP.

View API

  • Call DescribeInstanceAttribute to query IP address information:

    • PrivateIpAddress: The primary private IPv4 address.

    • PublicIpAddress: The static public IP address.

    • EipAddress: The associated EIP.

  • Call DescribeNetworkInterfaceAttribute to query ENI details, including secondary private IPs, IPv6 addresses, and EIPs.

View IP addresses from within an instance

  • Linux instances: After you remotely connect to a Linux instance, run ip a to view private IP addresses.

    image

    Run sudo route -n to view the gateway IP address:

    In the row where Destination is the default route (0.0.0.0), the Gateway value is the internal gateway IP of eth0.

    image

  • Windows instances: After you remotely connect to a Windows instance, run ipconfig to view the private IP address and default gateway.

    image

In a VPC, the public IP address resides on the gateway device and is not visible in the instance OS. Only the private IP address is visible. To make an EIP visible in the OS, see Make an EIP visible on an ENI using a secondary CIDR block.

References