Elastic Load Balancing both internal and internet-facing

Question

We are trying to use Elastic Load Balancing in AWS with auto-scaling so we can scale in and out as needed.

Our application consists of several small

Answer 1

It is not possible to for an Elastic Load Balancer to have both a public IP address and a private IP address. It is one or the other, but not both.

If you want your ELB to have a private IP address, then it cannot listen to requests from the internet.

If your ELB is public-facing, you can still call to it from your internal EC2 instances using the public endpoint. However, there are some caveats that goes with this:

• The traffic will exit your VPC and re-enter it. It will not be direct instance-to-ELB connection that a private IP address will afford you.
• You also cannot use security groups in your security group rules.

There are 3 alternative scenarios:

1. Duplicate the ELB and EC2 instances, one dedicated to private traffic, one dedicated to public traffic.
2. Have 2 ELBs (one public, one private) that share the same back-end EC2 instances.
3. Don't use an ELB for either private or public traffic, and instead use an Elastic IP address (if public) or a private IP address (if private) on a single EC2 instance.