Saturday, 28 March 2015

Second network interface in AWS instance with private IP is not routed from Elastic IP

I have an AWS instance with two network interfaces assigned. Each network interface has been assigned its own Elastic IP. I have configured eth1.cfg using /etc/network/interfaces.d/eth1.cfg.


eth1.cfg is configured with a static IP and eth0.cfg is left with the default DHCP configuration.


IP address of eth0 is 172.31.32.206
IP address of eth1 is 172.31.37.20


eth0.cfg



# The primary network interface
auto eth0
iface eth0 inet dhcp


eth1.cfg



#secondary network interface
auto eth1
iface eth1 inet static
address 172.31.37.20
netmask 255.255.240.0
up ip route add default via 172.31.32.1 dev eth1 table out
up ip rule add from 172.31.37.20/20 table out
up ip rule add to 172.31.37.20/20 table out
up ip route flush cache


I have listed the results of route -n before and after adding the eth1.cfg file.


Before



Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 172.31.32.1 0.0.0.0 UG 0 0 0 eth0
172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0
172.31.32.0 0.0.0.0 255.255.240.0 U 0 0 0 eth0


After



Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 172.31.32.1 0.0.0.0 UG 0 0 0 eth0
172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0
172.31.32.0 0.0.0.0 255.255.240.0 U 0 0 0 eth1
172.31.32.0 0.0.0.0 255.255.240.0 U 0 0 0 eth0


Below are the results of ip route list, before and after adding eth1.cfg.


Before

default via 172.31.32.1 dev eth0
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.42.1
172.31.32.0/20 dev eth0 proto kernel scope link src 172.31.32.206


After



default via 172.31.32.1 dev eth0
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.42.1
172.31.32.0/20 dev eth1 proto kernel scope link src 172.31.37.20
172.31.32.0/20 dev eth0 proto kernel scope link src 172.31.32.206


The issue is that the Elastic IP of the second network interface, with private IP 172.31.37.20, is not resolving to the private IP, as the Docker container hosted in it is not accessible. I suspect the gateway configuration or the route configuration is the culprit here. The container is accessible when I SSH into the AWS instance and use the curl command. However, it's not returning the result when I access the same using the Elastic IP associated with it.
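
A check for the routing layout shown above, as an added example that is not part of the original post: the shell function below (the name `route_audit` and its output labels are assumptions made for this example) reads `ip route list` text and reports connected prefixes that appear on more than one interface, plus any of those interfaces with no default route in that table. The embedded sample is the "After" output quoted in the post.

```shell
#!/bin/sh
# Added example (not from the original post): audit `ip route list` text.

# Constructed sample: the "After" `ip route list` output quoted in the post.
SAMPLE_AFTER='default via 172.31.32.1 dev eth0
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.42.1
172.31.32.0/20 dev eth1 proto kernel scope link src 172.31.37.20
172.31.32.0/20 dev eth0 proto kernel scope link src 172.31.32.206'

# route_audit reads one routing table (ip route list [table NAME]) on stdin.
# Output lines:
#   SHARED <prefix> <dev,dev,...>   connected prefix present on several devices
#   NODEFAULT <dev>                 device on a shared prefix with no default
#                                   route through it in this table
route_audit() {
    awk '
        # Return the interface name that follows the "dev" keyword.
        function devof(   i) {
            for (i = 1; i < NF; i++) if ($i == "dev") return $(i + 1)
            return ""
        }
        $1 == "default" { d = devof(); if (d != "") has_default[d] = 1; next }
        / scope link/ {
            d = devof(); if (d == "") next
            if (!($1 in devs)) { order[++n] = $1; devs[$1] = d }
            else devs[$1] = devs[$1] "," d
            count[$1]++
        }
        END {
            for (i = 1; i <= n; i++) {
                p = order[i]
                if (count[p] < 2) continue
                print "SHARED", p, devs[p]
                m = split(devs[p], list, ",")
                for (j = 1; j <= m; j++)
                    if (!(list[j] in has_default)) print "NODEFAULT", list[j]
            }
        }
    '
}

# Runs against the sample when executed directly; on a live host use:
#   ip route list | route_audit
#   ip route list table out | route_audit
printf '%s\n' "$SAMPLE_AFTER" | route_audit
```

For the post's output this reports eth1 as sharing 172.31.32.0/20 with eth0 and having no default route in the main table, so off-subnet traffic sourced from 172.31.37.20 depends entirely on the `ip rule` entries and the `out` table. `ip rule list` and `ip route list table out` show whether those were actually installed.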




