EC2 instance with 2 ENI's

iwobic · March 12, 2020, 3:53pm

Hi everyone,

I’m new to Nethserver and I’m starting to play around with it.
I created an EC" instance with Centos 7 on AWS. The main network interface is facing a public subnet in my VPC while I added a secondary interface that faces a private subnate of my VPC. This is so because I’d like to setup Nethserver as a firewall for other instances in the private subnet.
Now everything works fine until I try to configure the secondary ENI. Even though the subnet assigns a private IP to it, from within Nethserver GUI it looks like no address is assigned to the interface, so if I configure it and hit save, the server brakes and becomes unusable, even if the main ENI (the one facing the internet, has not been touch).
All I can do at that point is to terminate the instance and launch a new one and re-install Nethserver.

Does anybody have any experience with this type of configuration?

Thanks,

C.

bwdjames · March 12, 2020, 5:07pm

Which AMI are you using for the EC2 instance?

I’ve been meaning to take a look at doing this, but haven’t had the chance yet.

Have you taken a look at the naming convention for the interfaces? What are they called?

I wonder if CentOS within EC2 is using a slightly different ethernet interface naming convention and NethServer is expecting the naming of the ethernet interface to be something else and that could be killing it.

iwobic · March 12, 2020, 6:41pm

after 3 new EC2 instances and 2 snapshot restores, I’ve made it…
I’m using AMI CentOS 7 (x86_64) - with Updates HVM in eu-central-1
Here’ what I did:

turned the main interface into a RED WAN Interface and assigned a static IP
configured the additional interface into a GREEN LAN if with static IP

actually it’s not much different from what I tried to do in the earlier attempts but it finally worked…

Now I’m trying to set firewall rules in Nethserver in order to ssh into an ECC2 instance that’s running in the private subnet.

pike · March 12, 2020, 9:07pm

@iwobic please consider to write down some examples or an howto about you’ve succeeded.

bwdjames · March 13, 2020, 9:38am

A howto would definitely be helpful.

I am interested how to have the configuration set to persist between terminations?

iwobic · March 13, 2020, 7:17pm

well, I’m thinking of making a video tutorial on this. I’ll need some time though.