A private IP address typically refers to a private IPv4 address. Each network interface has one primary private IP address by default, which is an essential part of the network interface. You might need to specify a particular primary private IPv4 address when purchasing an ECS instance, or change the primary private IPv4 address of an ECS instance in scenarios such as IP address conflicts or network expansion. This topic describes how to specify a primary private IPv4 address when purchasing an ECS instance, modify the primary private IPv4 address of an existing ECS instance, and manage the primary private IP address of a secondary ENI.
Terms
When an ECS instance is created, it is assigned an elastic network interface (ENI) by default, which is the primary ENI. The primary ENI receives a primary private IPv4 address within the vSwitch CIDR block as the default private IP address.
Like the primary ENI, a secondary ENI is also assigned a primary private IPv4 address by default, which cannot be removed from the ENI.
If the primary private IP address cannot meet your requirements for multiple IP addresses, you can add multiple secondary private IP addresses to the primary ENI or add multiple secondary ENIs to the ECS instance. You can refer to the following diagram to understand the relationship between ECS instance ENIs and private IP addresses.
Specify a primary private IPv4 address when purchasing an ECS instance
Procedure
Go to the ECS purchase page.
Select the Custom Launch tab.
In the Network and Zone section, select an existing VPC and vSwitch, or click Create VPC or Create vSwitch to go to the VPC console to create a VPC and vSwitch immediately. After creation, return to the ECS instance creation wizard and click the
icon to view the VPC and vSwitch list.Select Specify Primary Private IP Address of Primary ENI to specify a primary private IPv4 address for the ECS instance.
You can also call the RunInstances API operation when purchasing an ECS instance and specify the PrivateIpAddress parameter to specify a primary private IP address.
Modify the primary private IPv4 address of an existing ECS instance
If your business applications, cloud product whitelists (such as databases or cache services), or system configuration files (such as /etc/hosts) are configured with the primary private IP address, remember to update all relevant configurations after changing the IP address to avoid service interruption.
Due to business changes, such as server migration or business network segment replanning, you might need to change the private IP address of an ECS instance. The implementation method differs depending on whether the target IP address of the instance belongs to a different network segment. This topic uses the following example for illustration:
Current instance IP address | Current instance subnet/vSwitch CIDR block | Current instance VPC CIDR block |
172.16.10.228 | 172.16.10.0/24 (172.16.10.0~172.16.10.254) | 172.16.0.0/12 (172.16.0.1~172.31.255.254) |
Expected instance IP address | Can be changed directly | Specific operation | |
172.16.10.XXX (within the current subnet range) | Yes | Modify the private IP address of the ECS instance (no need to change the vSwitch) | |
172.16.50.XXX (outside the current subnet range) | A vSwitch with the target CIDR block (such as 172.16.50.0/24) already exists in the same zone of the VPC | Yes | Modify the private IP address of the ECS instance (select to change the vSwitch) |
No vSwitch with the target CIDR block (such as 172.16.50.0/24) exists in the same zone of the VPC | No |
| |
10.0.10.XXX (outside the current VPC CIDR block range) | No |
| |
Modify the private IP address of an ECS instance
Prerequisites
The ENI of the ECS instance does not have secondary private IP addresses configured.
The ECS instance is in the Stopped state. For more information, see Stop an instance.
Procedure
Go to ECS console - Instance.
In the top navigation bar, select the region and resource group of the resource that you want to manage.
Find the target ECS instance, click to enter the instance details page, and in All Operations, select .
In the Modify Private IP dialog box, complete the configuration, and then click OK.
vSwitch: If you want to change the vSwitch, make sure that the selected vSwitch is in the same zone as the ECS instance.
Private IP:
If you do not manually set a private IP address, the system automatically assigns one.
To specify a primary private IP address, make sure that the IP address is within the CIDR block of the destination vSwitch.
For information about the CIDR format and IP address range conversion, see Examples of converting CIDR format to IP address ranges.
You can also use the
ipcalctool to view the IP address range represented by the CIDR block.
If you want to change to a vSwitch in a different zone from the ECS instance, you need to perform cross-zone migration.
In All Operations, select . After the ECS instance restarts, the new primary private IP address takes effect.
(Optional) After modifying the primary private IP address, you might need to reconfigure the security group rules for the ECS instance based on the new primary private IP address. For more information, see Manage security group rules.
You can also call the ModifyInstanceVpcAttribute API operation to modify the primary private IP address of an existing ECS instance.
Change IP address using a VPC secondary CIDR block
You can add a secondary CIDR block (10.0.0.0/16) to the current VPC (172.16.0.0/12), and create a vSwitch in the same zone under this secondary CIDR block (such as 10.0.10.0/24). Then you can change the private IP address of the ECS instance by selecting this vSwitch and assigning an IP address within the vSwitch CIDR block range.
Visit the VPC Management Console.
In the top navigation bar, select the region where the VPC is created.
On the VPCs page, find the target VPC to which the instance belongs, and click the VPC ID.
On the VPC Basic Information page, click the CIDR Blocks tab, and then click Add Secondary IPv4 CIDR Block.
Select the target CIDR block as needed. In this example, we select 10.0.0.0/16, and click OK.
Visit the VPC Console - vSwitches.
In the top navigation bar, select the target region.
Click Create vSwitch to go to the Create vSwitch page.
VPC: Select the VPC where the ECS instance is located.
IPv4 CIDR Block (appears after selecting the VPC): Select the secondary CIDR block added in the previous step.
vSwitch:
Zone: Select the zone where the ECS instance is located.
IPv4 CIDR Block: Enter the target subnet CIDR block range. In this example, enter 10.0.10.0/24.
Click Create to complete the creation of the vSwitch within the secondary CIDR block range.
Modify the private IP address of the ECS instance.
vSwitch: Select the vSwitch created in the previous step.
Private IP: Specify an IP address within the range of the vSwitch created in the previous step, or leave it unspecified for automatic assignment.
For more information about secondary CIDR blocks, see Modify a CIDR block.
Primary private IPv4 address of a secondary ENI
A secondary ENI is also assigned a primary private IPv4 address within the associated vSwitch CIDR block. The method of creating a secondary ENI determines whether you can manually specify the primary private IPv4 address:
Create a secondary ENI with an ECS instance
For some instance types, you can choose to add a secondary ENI when creating an instance. The secondary ENI created this way is automatically assigned a primary private IPv4 address and automatically attached to the ECS instance. You cannot manually specify its primary private IP address.
Separately create a secondary ENI
When creating a secondary ENI separately, you can manually specify an available address within the vSwitch CIDR block as the primary private IPv4 address. If you do not specify one, an available private IP address will be automatically assigned when the ENI is created.
For detailed operations, see Create a secondary ENI.
The primary private IPv4 address of a secondary ENI cannot be modified after creation. If you need to adjust it, you must detach the ENI, create a new secondary ENI with the desired primary private IPv4 address from the available addresses within the vSwitch CIDR block, and then attach it to the target instance.