All Questions
Tagged with amazon-web-services networking
251
questions
0
votes
0
answers
10
views
Public IP should not be changed when aws eks cluster and managed nodegroup is upgraded
We have used the EKS cluster (current version 1.20) and managed nodegroup and used the public IPs of the nodes for our purpose, so now when we upgrade the EKS cluster and nodegroup with version 1.21 all ...
0
votes
1
answer
61
views
Internet speed from AWS Singapore region to EU is very slow
We are running a k8s cluster in the AWS Singapore region. We also have a self-managed EC2 NAT instance of type t3.xlarge. According to spec, it has 1 Gbps baseline speed, and burst up to 5 Gbps.
When running ...
0
votes
0
answers
38
views
ARP resolution does not work as intended in VPC when doing L2 Announcements with Cilium CNI on a K8S Cluster spanning EC2 instances
VPC Configuration
VPC CIDR: 10.0.0.0/16
Region 1: 10.0.0.0/24 (public), 10.0.64.0/24 (private)
Region 2: 10.0.16.0/24 (public), 10.0.80.0/24 (private)
Region 3: 10.0.32.0/24 (public), 10.0.96.0/24 (...
0
votes
2
answers
76
views
WordPress and MySQL on same EC2 instance, different subnets. One public one Private
My goal is to have a single EC2 instance containing both WordPress and its MySQL database on the same VPC and have the WordPress available on the public subnet and MySQL on the private subnet. The purpose ...
0
votes
0
answers
41
views
Unable to join EC2 worker to VirtualBox master
I'm deploying a Hybrid Cloud (VirtualBox-AWS) Kubernetes cluster. What I have done so far:
Set the control-plane on Ubuntu Server 22.04 LTS via VirtualBox 6.1.
Change network adapter to bridged
Ran the ...
0
votes
0
answers
106
views
dns problems in self managed aws ec2 cluster with aws-vpc-cni
I'm new to k8s and I've been trying to learn it. I faced a problem with trying to set up aws-vpc-k8s-cni on my fresh k8s cluster with coredns. Here's the problem in detail.
Cluster & Network ...
0
votes
1
answer
51
views
MQ broker in private or public subnet?
I'm setting up an MQ broker in an AWS environment.
The MQ broker will be used by both services running in that AWS environment as well as services running in other locations.
All other services ...
0
votes
0
answers
41
views
AWS: access private API from public web application
I have:
Private API running on an ECS cluster behind an internal load balancer. This API is used by other services inside the VPC.
A public Next.js web application.
What I need:
Give private API ...
0
votes
1
answer
44
views
Debugging Lambda Connectivity to EC2
I have a simple Lambda deployed into my VPC that is making a call to an EC2 host in the same VPC (and subnet). They both share an SG and I've used the Reachability Analyzer (from the Lambda ENI to ...
1
vote
0
answers
248
views
Routing outbound traffic through multiple NAT Gateways with a single static IP address
I have an ask from an external customer that is whitelisting our NAT gateways to access their systems and their vendors' systems. They said some of their vendors limit the amount of IPs they can ...
5
votes
2
answers
1k
views
Thousands of incoming HEAD requests - best way to handle with EC2?
I had unusually high https traffic recently from a couple of IP addresses with agents masquerading as Windows clients. I blocked the range via 'deny' inside of .htaccess (Apache 2.4)
I'm still getting ...
0
votes
0
answers
105
views
AWS EC2 networking
I've been trying to understand how exactly networking works for EC2 instances, more specifically I'm coming from on-prem infrastructure where I had dedicated networking devices (switches/routers) ...
0
votes
1
answer
227
views
AWS instance gateway using Amazon Linux
I'm trying to create a gateway on an aws ec2 amazon linux machine so that a worker machine without access to the internet can gain access via the gateway. Then I will install a server on it and ...
0
votes
1
answer
128
views
Windows EC2 Networking: packets dropping if PPS is too high
I have a Windows 2019 Server running on AWS EC2 (m5.4xlarge) which is dropping packets under high pressure ("high" in this case is about 10K pps). The bandwidth is doing perfectly okay, the ...
0
votes
0
answers
139
views
How to correctly load balance requests from a Java client to an NLB over multiple AZs
Requests from a Java client to an NLB over multiple AZs Not load-balanced
Summary:
Expectation: every request from Java is load balanced between two nodes.
Actual behavior: all the requests go to one ...
1
vote
0
answers
180
views
Webapp in Azure huge time network response and latency compared to AWS
I own a pretty simple WebApp, based on php/mysql/redis/nginx.
I was trying to move the server to Azure, to see if I could save some money, and today I created a WebApp on Azure using the wizard UI of ...
0
votes
0
answers
238
views
Unexpected behavior with AWS Firewall and Default Stateful Rules
I have configured an AWS Firewall in our testing account, pretty much following the standard setup procedure as documented by AWS. From our private subnet, outbound traffic heading to the internet is ...
0
votes
0
answers
128
views
Spot instances sometimes slow down and lose connection
I have a system deployed in AWS EKS; sometimes spot instance metrics are down, and API calls to these nodes are very slow. Here is my system:
1 EKS cluster
1 on-demand node group
1 Karpenter v0.29.2 ...
1
vote
0
answers
70
views
AWS Multi Zone Redundancy - Load Balancer vs Global Accelerator vs Elastic IP what to use?
I am a bit confused with the Options for load balancing between different AZs for redundancy. I have an application which requires network load balancing and should optimally not depend on DNS to do ...
0
votes
1
answer
52
views
Domain sharing to another server
We have a domain that is registered in Cloudflare by an ALB DNS CNAME record and hosted on a Windows server as the prod server.
On the other hand, we also had an Ubuntu server in front of the Windows server.
My question is ...
3
votes
2
answers
2k
views
AWS NAT Instance Setup
This question was originally posted to Stack Overflow; they suggested I repost it here (https://stackoverflow.com/questions/76715004/aws-nat-instance-setup).
I am currently learning the AWS cloud and ...
0
votes
1
answer
415
views
Lost Local Connection to MySQL DB that resides in AWS RDS
The MySQL DB residing in AWS RDS was made to connect with resources in the same VPC. I always had to make it publicly accessible in order to connect to it through MySQL Workbench 8.0 CE in Windows 11. ...
0
votes
1
answer
261
views
Elastic IP not working for Network Load Balancer
I have created a Network Load Balancer on AWS with two public subnets. For one of the subnets, I have allocated a static elastic IP. When trying to reach the NLB using the static IP I get ...
-2
votes
1
answer
101
views
I have 2 AWS accounts A and B. On premises client network c. I have a VPN tunnel from B TO C which works fine and A TO B with peering
I have 2 AWS accounts A and B. On premises client network c. I have a VPN tunnel from B TO C which works fine and A TO B with peering.
Can we communicate from A to C with the help of the existing VPN tunnel ...
1
vote
0
answers
723
views
Configure Secondary Interface on EC2 using Ubuntu 22.04
I have launched an EC2 instance having OS Ubuntu 22.04 which has a primary interface ens5.
I have attached a secondary interface ens6.
This is the output of ifconfig -a
root@ip-172-31-7-213:/home/ubuntu#...
1
vote
0
answers
800
views
AWS client VPN can't resolve DNS server
I am swapping out a WireGuard VPN running on an EC2 instance with an AWS client VPN so that I can use MFA with Google. I have most of what I want in place, but I am stuck on setting up the VPN to use ...
0
votes
1
answer
203
views
How to add a computer to a Domain of windows server 2022 running on AWS EC2
I have Windows server 2022 running in AWS EC2 with the address that the same instance in EC2 generated, this server can be opened perfectly from any location using "Remote Desk controller" ...
1
vote
2
answers
475
views
AWS Network Firewall + Windows EC2 Instance - google.com is not blocked in browser but is blocked in the command line
I'm using AWS Network Firewall along with a Windows EC2 instance to test. The goal is to allow access to only allowed URLs, which are:
example.com
.amazon.com
.amazonaws.com
This generally works. ...
0
votes
0
answers
963
views
Docker/Mariadb: Error starting userland proxy: Listen tcp {IP}:{PORT}: bind cannot assign requested address
I have been unable to run the command: docker-compose up --build -d as I get the following error:
ERROR: for mariadb Cannot start service mariadb: driver failed programming external connectivity on ...
0
votes
0
answers
299
views
Failed to connect to remote MySQL server via proxy
I am trying to use an R tool in which RMySQL is one of the packages being used. I am working on this on Ubuntu behind a corporate proxy but having the following issue for three days persistently.
Error ...
0
votes
1
answer
243
views
AWS Elastic Beanstalk random spike in NetworkIn traffic once to twice a day
Unusual traffic on my Elastic Beanstalk application. NetworkIn, NetworkOut both spike once to twice a day at random times. Sometimes it crashes my load balancer and I have to go in and manually kill ...
0
votes
0
answers
236
views
Cannot Ping Primary interface after configuring second INT on AWS
I have an Amazon EC2 Instance running Ubuntu server 16.04
I want the EC2 to have two network interfaces. After configuring the secondary interface, I cannot ping my primary interface from my other ...
0
votes
0
answers
421
views
In AWS how can I route outbound EC2 traffic through different Internet Gateways depending on the payload?
I have a weird scenario where I need to route certain outbound traffic from an app hosted on EC2 through different regional IP addresses.
Long story short we have 2 clients with APIs that our app ...
0
votes
1
answer
3k
views
Best way to add static routes to every pod in a Kubernetes cluster?
I have 3 nodes running several OpenVPN pods, each pod has a VPN network of 100.70.0.0/16, and clients that connect to these pods receive IP addresses in this range, for example, let's say that client ...
0
votes
1
answer
5k
views
How can an AWS lambda function call an EC2 instance via private ip address?
How can I get a lambda to call an EC2 instance via its private IP address?
Long story short, making a Discord bot for my Minecraft server mates to start and stop the AWS instance, and to handle auto ...
1
vote
1
answer
258
views
Idle database connection lost
I am able to connect to the database server (Firebird), run queries, all those fun things, but after an undetermined period of inactivity, the next query attempt generates the following error
Unable ...
1
vote
1
answer
3k
views
How to get public static IP of my AWS VPC?
My services are hosted in AWS VPC. I use VPN to access my servers. For using a third party service I need to whitelist my public static IP address on their site. How can I get my public static IP ...
0
votes
1
answer
639
views
Why is an EC2 machine unable to connect to the internet if it is behind a NAT Gateway that is associated with a Subnet?
I try to implement this network in amazon AWS:
Therefore, I have the following subnets in amazon VPC:
The subnet subnet-0ac620105fc198e33 uses a NAT Gateway with an elastic IP having the following ...
0
votes
0
answers
134
views
Cannot browse from AWS instance to itself
I created a new AWS instance today and ran into a problem.
Browsing (HTTPS) from external machines to my AWS instance works fine. When I browse from the instance itself, I receive "Site can't be ...
0
votes
1
answer
247
views
Amazon Web Service (AWS) EC2 instances: Unstable network bandwidths with long-distance connections
I'm trying to deploy a data processing system over a wide area covering multiple regions of AWS. Before doing this, I've been profiling the network connections over the variety of distances, but I've ...
0
votes
1
answer
51
views
AWS EC2 instance randomly refuses connections. Given the context below what could be causing this?
Context:
The instance sits behind an Application Load Balancer.
The main and only route table for the VPC routes locally as well as to the Internet Gateway
The security group for the instance and Load ...
1
vote
0
answers
277
views
JBoss: How does <stacks> in the standalone-ha.xml work?
This file contains the usual Keycloak server configuration with the addition of WildFly10 High Availability extensions like Infinispan HA cache and JGroups HA communication channels and their ...
0
votes
1
answer
202
views
Configure third party DNS to Static Public Ip attached to AWS ElasticBeanStalk
First of all, I am a beginner in this field, so apologies if my question is stupid or just too easy.
What do we want to configure? Well, we have a partnership with a website wwww.partner.com.
We ...
1
vote
1
answer
2k
views
How to authorize only IP from a Fargate ECS service for MongoDB Atlas Cluster
I have an ECS Fargate service mapped to an Application Load Balancer on AWS. In this service, there are several tasks that are frequently killed and restarted.
These tasks should be able to connect to a ...
0
votes
1
answer
67
views
Ran route -f on AWS Windows server and now can't reconnect
I was attempting to resolve a network issue on an AWS server and while in an RDP session, stupidly ran 'route -f' and now am unable to reconnect to the server at all. It's gone completely dark. AWS ...
0
votes
1
answer
1k
views
Allow access to EC2 from 1 country only
I need to restrict access of http(s) and pop/imap ports of an EC2 instance to a single country. It's a requirement from the security auditor. It will not prevent access via VPN, but at least it will not be ...
0
votes
0
answers
654
views
How to connect local printer to AWS RDP and then expose to network
What I want to achieve is
Connect my home printer to an RDP in AWS then expose that printer to AWS VPC so any device connected to that VPC can send print jobs to the home printer.
What I don't want is
...
1
vote
0
answers
1k
views
How Does AWS Implement SrcDestCheck (Source / Destination Checks)
The documentation for setting up NAT Instances calls out that you must disable Source / Destination Checks on your NAT Instance for it to work. From https://docs.aws.amazon.com/vpc/latest/userguide/...
0
votes
1
answer
888
views
AWS client VPN endpoint - some client IPs do not allow access to resources
I am using AWS client VPN endpoint with 2 VPCs:
VPN VPC (10.100.0.0/16)
App VPC (10.200.0.0/16)
VPC peering between the 2 VPC and Route table rules to communicate both.
My resources in the 'App VPC'...
0
votes
0
answers
399
views
Whitelist external IP for an external service for on premise Gitlab in AWS private network (VPC)
I have a technical question, I have an on premise Gitlab on a private network and I would like to have an integration (Localize), their documentation says that I have to whitelist a range of IP ...