The Instance Reachability Check is a part of the Status Checks in AWS EC2 that monitors the health of your EC2 instance. The Instance Reachability Check determines whether AWS can communicate with the instance via its internal network. If this check fails, an issue inside the instance typically prevents it from responding to network requests.

The “Instance Reachability Check Failed” error in AWS indicates that the instance is running but AWS cannot communicate with it due to potential networking or operating system-level issues. The error can signal underlying problems that disrupt communication between AWS and the instance. Understanding and addressing this error promptly is crucial for maintaining instance availability and ensuring uninterrupted service.

aws instance reachability failure

Causes Instance Reachability Check Failures

  • Operating System Issues:
  1. Kernel panics.
  2. File system corruption.
  3. Resource exhaustion (e.g., full disk or high CPU utilization).
  • Configuration Errors:
  1. Misconfigured firewall rules within the instance.
  2. Incorrect IP tables or access control settings.
  • Network-Related Issues:
  1. Networking services inside the instance are not running correctly.
  2. Misconfigured network interface or drivers.
  • Application-Level Issues:
  1. Processes consuming excessive resources.
  2. Critical services not starting properly after a reboot.

Troubleshooting The Error

Check the AWS Management Console

The EC2 Dashboard indicates status checks under the “Status Checks” tab. Look for red alerts and their descriptions to identify whether the issue is with the system or the instance.

aws instance reachability

If the issue is with the system, rebooting the instance can resolve it. If the issue persists, you may need to restart the instance.

To reboot the instance follow the following steps.

Step 1. Select the instance with the failed check.

Step 2. Click on Actions, and select Reboot Instance under Instance State.
Confirm the action.

AWS

Review System Logs

AWS lets you view the System Log via the EC2 console. It contains boot messages, kernel logs, and other diagnostics that can point to root causes.

Inspect Networking Configurations

Security Group Rules:

Step 1. Navigate to the EC2 Dashboard.
Step 2. Select the affected instance and go to the Security tab.
Step 3. Click on the attached Security Group to view the inbound and outbound rules.
Step 4. Ensure that the required ports are open:
Step 5. Allow traffic from the appropriate IP ranges.

Route Tables:

Step 1. Open the VPC Dashboard and select Route Tables.
Step 2. Identify the route table associated with the subnet of your EC2 instance.

Network ACLs (Access Control Lists):

Step 1. In the VPC Dashboard, go to Network ACLs.
Step 2. Locate the ACL linked to the subnet where your EC2 instance resides.

AWS

Step 3. Verify the rules:

Inbound Rules: Allow traffic on the required ports and from trusted IP ranges.
Outbound Rules: Allow all traffic or at least the necessary ports for communication.

Step 4. Check that no explicit DENY rules are blocking legitimate traffic.

Check Disk Space and Usage

If your EC2 instance fails the “Instance Reachability Check,” one potential issue might be insufficient disk space. When you cannot access the instance via SSH or EC2 Instance Connect, you can inspect the System Log to identify potential disk space issues.

By proactively monitoring and addressing the causes of Instance Reachability Check failures, you can maintain high availability and reliability for your AWS workloads.

The Xieles team of experts offers reliable support to resolve AWS issues.!