Organizations using Amazon's Virtual Private Cloud are now able to create network interfaces that exist separately from EC2 instances. The upshot is that customers will have a lot more flexibility in managing network interfaces for EC2 instances.
The new feature, the Elastic Network Interface (ENI), is created automatically with an EC2 instance. However, unless you want to use any of the new features, it will essentially behave just as before.
Customers that need the feature, though, can do a few new things with the ENI. If the "delete on termination" flag is turned off, the ENI will continue to be available even when the EC2 instance is down. You can "hot attach" an ENI to an instance, so it can act as a form of high availability or make it easier to spin up a different-sized instance for the same workload.
Instances have a max of two ENIs right now. Amazon notes that ENIs can be used to create load balancers, or that each ENI can be given separate security groups to differentiate between public and private access. Amazon also notes that this can be useful for applications with MAC-based licensing: the ENI has a persistent MAC address, so you can change instance types and keep the MAC address that the application is bound to.
However, Amazon warns against using the ENI feature to provide two public IP addresses to an instance. “There’s no way to ensure that packets arriving via a particular ENI will leave through it without setting up some specialized routing.”
The good news is that multiple IPs are coming. “We are aware that a lot of people would like to have multiple IP addresses for a single EC2 instance and we plan to address this use case in 2012.”
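As an added example (not from the original article or from Amazon), this Python sketch audits ENI records shaped like `aws ec2 describe-network-interfaces` output for the situations described above: ENIs that outlive their instance, detached ENIs, instances with two public-facing ENIs, and dual-ENI instances whose interfaces share identical security groups. The sample records, the IDs in them, the `_eni` helper and the finding labels are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample data: IDs, groups and addresses are made up for illustration.
def _eni(eni_id, groups, instance=None, keep=False, public_ip=None):
    rec = {"NetworkInterfaceId": eni_id, "Status": "in-use" if instance else "available",
           "Groups": [{"GroupId": g} for g in groups]}
    if instance:
        rec["Attachment"] = {"InstanceId": instance, "DeleteOnTermination": not keep}
    if public_ip:
        rec["Association"] = {"PublicIp": public_ip}
    return rec

SAMPLE = [
    _eni("eni-0000000a", ["sg-web"], "i-app1", public_ip="203.0.113.10"),
    _eni("eni-0000000b", ["sg-admin"], "i-app1", keep=True),   # private side, persistent
    _eni("eni-0000000c", ["sg-web"], "i-app2", public_ip="203.0.113.20"),
    _eni("eni-0000000d", ["sg-web"], "i-app2", public_ip="203.0.113.21"),
    _eni("eni-0000000e", ["sg-admin"]),                         # detached, left behind
]

def audit(enis):
    """Return sorted (resource_id, finding) pairs for the given ENI records."""
    findings, by_instance = [], defaultdict(list)
    for eni in enis:
        att = eni.get("Attachment")
        if eni.get("Status") == "available" or not att:
            # Unattached ENI still holding its security groups and MAC address.
            findings.append((eni["NetworkInterfaceId"], "detached"))
            continue
        by_instance[att["InstanceId"]].append(eni)
        if att.get("DeleteOnTermination") is False:
            # Will remain (with its security groups) after the instance is gone.
            findings.append((eni["NetworkInterfaceId"], "persists-after-termination"))
    for instance, attached in by_instance.items():
        if len(attached) < 2:
            continue
        public = [e for e in attached if e.get("Association", {}).get("PublicIp")]
        if len(public) > 1:
            # The setup Amazon warns about: return traffic may leave via the other ENI.
            findings.append((instance, "multiple-public-enis"))
        group_sets = {frozenset(g["GroupId"] for g in e.get("Groups", [])) for e in attached}
        if len(group_sets) == 1:
            # Both ENIs carry the same groups, so public and private access are not separated.
            findings.append((instance, "shared-security-groups"))
    return sorted(findings)

if __name__ == "__main__":
    for resource, finding in audit(SAMPLE):
        print(resource, finding)
```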