Amazon ECS task networking
If you're using Amazon ECS tasks hosted on Amazon Fargate, see Fargate task networking in the Amazon Elastic Container Service User Guide for Amazon Fargate for networking information that's relevant to your instances.
The networking behavior of Amazon ECS tasks that are hosted on Amazon EC2 instances is dependent
on the network mode that's defined in the task definition. We
recommend that you use the awsvpc network mode unless you have a specific
need to use a different network mode.
The following are the available network modes.
| Network mode | Linux containers on EC2 | Windows containers on EC2 | Description |
|---|---|---|---|
|
|
Yes |
Yes |
The task is allocated its own elastic network interface (ENI) and a primary private IPv4 address. This gives the task the same networking properties as Amazon EC2 instances. |
|
|
Yes |
No |
The task uses Docker's built-in virtual network on Linux, which runs inside each Amazon EC2
instance that hosts the task. The built-in virtual network on Linux uses the |
|
|
Yes |
No |
The task uses the host's network which bypasses Docker's built-in virtual network
by mapping container ports directly to the ENI of the Amazon EC2 instance that hosts
the task. Dynamic port mappings can’t be used in this network mode. A container
in a task definition that uses this mode must specify a specific
|
|
|
Yes |
No |
The task has no external network connectivity. |
|
|
No |
Yes |
The task uses Docker's built-in virtual network on Windows, which runs inside each Amazon EC2 instance that hosts the task. The built-in virtual network on Windows uses the |
For more information about Docker networking on Linux, see Networking overview
For more information about Docker networking on Windows, see Windows container networking
Topics