
Why do my ELBs have two IP addresses? How to find them?

I have both application and classic internal load balancers running over a VPC. Each of them is associated with three subnets, in different availability zones, and almost each of them points to only one instance (in my case ECS containers).

But when issuing a nslookup command (nslookup internal-MYLB.us-east-1.elb.amazonaws.com)

I can see that output:

Server:     10.xxx.xxx.37
Address:    10.xxx.xxx.37#53

Non-authoritative answer:
Name:   internal-MYLB.us-east-1.elb.amazonaws.com
Address: 10.xxx.xxx.187
Name:   internal-MYLB.us-east-1.elb.amazonaws.com
Address: 10.xxx.xxx.204

For each load balancer, whether it's a classic or application one, two IP addresses are associated with its domain name.

I was simply wondering:

  1. Does it correspond to two load balancer nodes for each load balancer? (Maybe I missed it but I didn't find that info in their doc)
  2. Does AWS systematically spawn that for redundancy? Is it configurable?
  3. Is there some way in the UI to see those IP addresses (I didn't find them in the UI or by using aws elb describe-load-balancers)

For context, we have a remote partner who experiences issues with only one of the two IP addresses associated with a load balancer, maybe something like a network conflict due to some overlapping subnet range, but I'd prefer to be sure of what I see first.

arvymetal asked Dec 13 '22 21:12


2 Answers

ELB is a managed service provided by AWS. Behind the scenes, ELB consists of multiple load balancers. When the traffic is increasing, ELB brings forward many load balancers to handle the traffic. In other words, ELB autoscales. But the problem is ELB does not manage the traffic by itself. It happens at the DNS lookup level. All the load balancers of an ELB register their IP addresses on the DNS service at Amazon's side. So for different queries, Amazon will return different IP addresses. This is why ELB only has a DNS name instead of a static IP address.

So when you do nslookup, it shows the IP addresses of the ELB's load balancers.

Manoj answered Jan 11 '23 08:01


Elastic Load Balancer partly uses DNS to distribute load across the different availability zones. So your "single" load balancer is actually a group of them.

AWS will create and destroy nodes as the load increases and decreases. As such, you should not use IP addresses of your ELB directly. Instead, you should always use the DNS CNAME to allow the ELB to distribute the traffic.

There is no way in the UI to see the IP addresses, and really, you shouldn't care about them.

If you are running into IP address conflicts, then make sure your VPC subnet CIDRs are not overlapping anything else, like a VPN.

Matt Houser answered Jan 11 '23 09:01
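
The overlap check suggested in the last answer, as an added example that is not part of any answer on this page: it maps each address returned for the load balancer to the VPC subnet it lives in and flags any address that also falls inside a range the remote side already uses, which is one way a single address out of two can fail. All subnet names, CIDRs and IP addresses below are constructed sample values.

```python
import ipaddress

# Constructed sample data (not from the page): the two A records returned for
# an internal ELB, the VPC subnets it is attached to, and the ranges a remote
# partner already uses on their side of the VPN.
ELB_IPS = ["10.20.1.187", "10.20.2.204"]
VPC_SUBNETS = {
    "subnet-a": ("10.20.1.0/24", "us-east-1a"),
    "subnet-b": ("10.20.2.0/24", "us-east-1b"),
    "subnet-c": ("10.20.3.0/24", "us-east-1c"),
}
PARTNER_CIDRS = ["10.20.2.0/23", "192.168.0.0/16"]


def overlapping_subnets(vpc_subnets, remote_cidrs):
    """Return (subnet_name, remote_cidr) pairs whose ranges overlap."""
    pairs = []
    for name, (cidr, _az) in sorted(vpc_subnets.items()):
        net = ipaddress.ip_network(cidr)
        for remote in remote_cidrs:
            if net.overlaps(ipaddress.ip_network(remote)):
                pairs.append((name, remote))
    return pairs


def classify_elb_ips(elb_ips, vpc_subnets, remote_cidrs):
    """Map each ELB node IP to its VPC subnet/AZ and to any remote range
    that also contains it (such an IP may be routed locally by the remote side)."""
    report = {}
    for raw in elb_ips:
        ip = ipaddress.ip_address(raw)
        home = next(
            ((name, az) for name, (cidr, az) in vpc_subnets.items()
             if ip in ipaddress.ip_network(cidr)),
            None,
        )
        shadowed_by = [r for r in remote_cidrs if ip in ipaddress.ip_network(r)]
        report[raw] = {"subnet": home, "shadowed_by": shadowed_by}
    return report


if __name__ == "__main__":
    for ip, info in classify_elb_ips(ELB_IPS, VPC_SUBNETS, PARTNER_CIDRS).items():
        status = "CONFLICT" if info["shadowed_by"] else "ok"
        print(ip, info["subnet"], info["shadowed_by"], status)
    print("overlapping subnets:", overlapping_subnets(VPC_SUBNETS, PARTNER_CIDRS))
```

Because the addresses behind the DNS name change over time, the subnet-level overlap list is the result to act on; the per-address report only explains what is observed at one moment.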