EC2 instances can not support wake on lan natively because they use virtual interfaces (ENI’s). Normally wake on lan works by sending a magic packet to a mac address of an interface.
Next to that these WOL packets will be send to the broadcast address 255.255.255.255. AWS VPC’s do not support the broadcast address so you must run the command like this:
wakeonlan -i 172.31.9.28 02:13:1f:b7:62:b3
The VPC flow logs will also never display any of these WOL packets as inbound traffic (UDP port seven or nine) for the ENI attached to this EC2 instance.
Hibernating an EC2 instance stores the memory contents on the encrypted EBS volume. The ENI stays attached to the instance and is active. But will never pass the magic WOL packet back to the instance.
This means that the hibernating instance will never wake up from a WOL packet.
Possible solution with wakeonlan compatibility
We can simulate WOL by using the following solution:
- A network load balancer that listens for UDP packets (with a fixed IP address) as a target for the wakeonlan utility. This is because NLB’s support UDP traffic and can have a fixed IP address
- A ECS Fargate service that captures the requests from this load balancer (Lambda functions can not be connected to NLB’s)
- This Fargate task can extract the MAC address from the magic packet, find the ENI with the EC2 API and start the corresponding instance (also through the EC2 API)
This solution is more complex but it will give you full compatibility with the wakeonlan utility. But you must send the IP address of the NLB when you send the magic packet.
Overall the wakeonlan utility is impractical because it requires you to know the MAC address of the instance you want to wake.
Possible solution without wakeonlan compatibility
If you do not require wakeonlan compatibility you could work with the following setup:
- Create an API Gateway (REST) to receive POST requests
- Connect this with an Lambda function through the proxy integration
- The Lambda function can find and start the EC2 instance based on:
- Internal IP address
- Public IP address
- MAC address
This setup is more flexible and could be tailored to your needs. For instance you might start EC2 instances based on the tags in the POST request. To wake an instance you would just send a POST request to this API Gateway endpoint.