Overview of ENIs

Last updated:2021-08-04 11:26:31

An elastic network interface (ENI) is a virtual network interface card (NIC) that can be attached to a Kingsoft Cloud Elastic Compute (KEC) instance. By using ENIs, you can conduct low-cost failover and fine-grained network management. ENIs are independent from each other and can be migrated among KEC instances. This provides flexible expansion and migration capabilities for your business.


  • ENI types:

    Primary ENI: When you create a KEC instance, a primary ENI is created and attached to the instance. Primary ENIs cannot be detached from their instances.

    Secondary ENI: Secondary ENIs are manually created and can be attached to or detached from KEC instances.

  • Virtual Private Cloud (VPC): ENIs of a KEC instance can reside in one or more VPCs.

  • Subnet: ENIs of a KEC instance can reside on one or more subnets.

  • Availability zone (AZ): Subnets in which ENIs reside must be in the same AZ as the KEC instance to which the ENIs are attached.

  • Security group: The inbound traffic and outbound traffic of ENIs that are added to a security group are controlled by this security group.

  • Subnet IPv4 address: Subnet IPv4 addresses can be manually or automatically allocated.

  • MAC address: Each ENI is allocated with a globally unique MAC address.


  • Multiple ENIs: When you create a KEC instance, a primary ENI is created and attached to the instance. You can also attach multiple secondary ENIs to the instance. ENIs of a KEC instance can reside on one or more subnets and each ENI can be added to an independent security group.
  • Flexible migration: ENIs can be migrated among KEC instances in the same VPC and AZ. When you detach an ENI from an instance, the private IP address and security group rules are retained. If you migrate the ENI to another instance, you do not need to configure mappings again.
  • Hot swapping: ENIs support hot swapping. When you detach an ENI from a KEC instance and attach it to another instance to migrate the business, you do not need to restart the latter instance. This ensures business continuity.

Application scenarios

  • Creating high-availability (HA) clusters: Multiple ENIs can be attached to a KEC instance, which helps you create HA clusters.
  • Implementing low-cost failover: You can detach ENIs from a faulty KEC instance and attach them to a backup instance to migrate the business on the faulty instance to the backup instance, thereby achieving rapid business recovery.
  • Managing networks with fine-grained control: You can configure a KEC instance with multiple ENIs. For example, you can attach an ENI for internal management and an ENI for public network access to isolate management data from business data. You can also configure each ENI with precise security group rules based on the source IP address, application layer protocol, and port number to implement access control for traffic of each ENI.

Did you find the above information helpful?

Mostly Unhelpful
A little helpful
Very helpful

What might be the problems?

Unclear or awkward
Redundant or clumsy
Lack of context for the complex system or functionality

More suggestions


Please give us your feedback.


Thank you for your feedback.