01-23-2020 06:09 PM - edited 01-23-2020 06:37 PM
Hi There - We are really struggling to solve this problem:
- 3 InfloBlox vNIOS instances in 3 AZs in AWS
- AMI: Infoblox NIOS 8.1.2 356916 CP-V1400 BYOL (ami-8eebd998)
- 2 ENIs (0 and 1) on each EC2 instance
- UDP NLB in 3 AZs Fronting 3 InfoBlox Instances
- This adds some requirements
- The Targets for a UDP NLB can ONLY be Instance references (not IP)
- An Instance Target appears to only point to the 0th ENI on an EC2 Instance
- This requires that we be able to enable DNS on the MGMT interface (which is normally supported)
- Our user data license has: `temp_license: dns cloud enterprise vnios grid`
- We cannot enable the MGMT interface and seem to be caught in a Catch 22 regarding it
- `set interface mgmt` gives "Cannot enable Management interface when LAN1 is configured with a dynamic address"
- `set interface lan1` (to try to set the address for lan1) gives: "Error: The AWS IB-VNIOS appliance does not support the set network command."
- Enabling MGMT through the vNIOS UI allows us to set and save all the parameters
- However, even after a reboot, `show interface all` will still show that the MGMT interface has no IP and has a "Status: BROADCAST MULTICAST" (lacking status of UP)
- `show network all` shows "Management Port enabled: true" and shows the settings that we configured
The Catch 22:
- There appears to be no way to disable the DHCP Client on LAN1 and setting the LAN1 values in the UI does not appear to make the address no longer considered "dynamic"
- We can't change the config for LAN1
- We can't enable MGMT when LAN1 is dynamic
- LAN1 is dynamic, and we can't seem to change that
So, is this a limitation in vNIOS when used within AWS? Is it not possible to actually get the MGMT interface enabled?
Note: We have not attached an IAM role/policy to these instances. If vNIOS needs an IAM role to determine that LAN1 is setup correctly, let us know.
Thanks for any help!
Solved! Go to Solution.
01-23-2020 08:59 PM - edited 04-08-2020 02:12 PM
I have done some further testing and I have a theory that this was either a bug or a disabled / missing feature:
- 8.1.2 / 8.2.1
- Cannot enable MGMT interface no matter what I try
- 8.2.5+ / 8.3.0 / 8.4.0
- Can enable the MGMT (eth0) interface with no problems at all, 100% repeatable
It appears that not being able to enable the MGMT interface on AWS was indeed a bug up that was fixed sometime after 8.2.1.
I was not able to find any workaround (e.g. upgrading through various versions from different starting points, all the UI config tricks in the world, etc) other than upgrading to a version that allows the MGMT interface to be enabled and operational. I used at least 8.2.5 and was able to get MGMT to work reliably everytime I wanted to enable it.