Hello!
I hope everyone is doing great!
So my question is simple: does anyone have an example of a Geneve config using AWS GWLB?
My objective:
EC2 instances forward traffic to the VPC endpoint (GWLB); VyOS receives it (via Geneve) and SNATs it to the Internet.
[ec2] → [vyos eth1] → [vyos nat to eth0] → Internet.
The target group reports “healthy” (using TCP 22 for the health check).
Networks:
Apps subnet: 10.18.2.0/26
VyOS Geneve subnet: 10.18.1.0/28
(Interface eth1: 10.18.1.4)
VyOS WAN subnet: 10.18.0.0/28
(Interface eth0: 10.18.0.4)
My steps:
set interfaces geneve gnv0 vni 0
set interfaces geneve gnv0 description 'GWLB ingress interface'
set interfaces geneve gnv0 mtu 9001
set interfaces geneve gnv0 remote 10.18.1.13 ==> GWLB eni
NAT Rule:
set nat source rule 100 description 'apps-to-WAN'
set nat source rule 100 outbound-interface name 'eth0'
set nat source rule 100 log
set nat source rule 100 source address '10.18.0.0/22'
set nat source rule 100 translation address 'masquerade'
VPC Route Tables:
Apps Route table:
0.0.0.0 -> VPC endpoint
Geneve Route Table:
10.18.0.0/22 -> local network
WAN Route table:
0.0.0.0 -> Internet Gateway
10.18.2.0/26 -> local network
Monitoring interface eth1:
Testing ICMP from EC2 (10.18.2.14) to internet (8.8.8.8)
10.18.1.13.60970 > 10.18.1.4.6081: [udp sum ok] Geneve, Flags [none], vni 0x0, proto IPv4 (0x0800), options [class Unknown (0x108) type 0x1 len 12 data 487b51e2 537e02c0, class Unknown (0x108) type 0x2 len 12 data 00000000 00000000, class Unknown (0x108) type 0x3 len 8 data adad5cf8]
(tos 0x0, ttl 126, id 65408, offset 0, flags [DF], proto ICMP (1), length 84)
10.18.2.14 > 8.8.8.8: ICMP echo request, id 43, seq 53, length 64
VyOS route table:
vyos@frw-vyos-box-a# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.18.0.1 0.0.0.0 UG 20 0 0 eth0
10.18.0.0 0.0.0.0 255.255.255.240 U 0 0 0 eth0
10.18.1.0 0.0.0.0 255.255.255.240 U 0 0 0 eth1
What am I missing?
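Added example, not part of the post and not VyOS or AWS code: a small Python decoder for the Geneve payload that the eth1 capture above shows, so the GWLB option TLVs (class 0x108, types 1 to 3) and the inner IPv4 header can be checked field by field instead of eyeballing tcpdump. The option type names come from AWS's GWLB Geneve documentation (an assumption, the post does not name them), and the packet is constructed from the values in the capture line, not a real capture.

```python
import struct
from ipaddress import IPv4Address

AWS_GWLB_CLASS = 0x0108  # appears as "class Unknown (0x108)" in the post's tcpdump line
GWLB_OPTION_NAMES = {1: "gwlbe-eni-id", 2: "attachment-id", 3: "flow-cookie"}  # per AWS GWLB docs (assumption)

def ipv4_checksum(hdr: bytes) -> int:  # ones'-complement sum; 0 over a header that carries a valid checksum
    s = sum(struct.unpack("!%dH" % (len(hdr) // 2), hdr))
    while s >> 16:
        s = (s & 0xFFFF) + (s >> 16)
    return (~s) & 0xFFFF

def parse_geneve(payload: bytes):
    """Parse a Geneve (RFC 8926) UDP payload into (header, options, inner packet)."""
    if len(payload) < 8 or payload[0] >> 6 != 0:
        raise ValueError("short payload or unsupported Geneve version")
    b0, b1, proto, vni_rsvd = struct.unpack("!BBHI", payload[:8])
    opt_end = 8 + (b0 & 0x3F) * 4  # option length is counted in 4-byte words
    if opt_end > len(payload):
        raise ValueError("option length exceeds payload")
    hdr = {"oam": bool(b1 & 0x80), "critical": bool(b1 & 0x40), "proto": proto, "vni": vni_rsvd >> 8}
    opts, off = [], 8
    while off < opt_end:
        cls, typ, flen = struct.unpack("!HBB", payload[off:off + 4])
        dlen = (flen & 0x1F) * 4
        if off + 4 + dlen > opt_end:
            raise ValueError("option runs past the declared option area")
        name = GWLB_OPTION_NAMES.get(typ & 0x7F) if cls == AWS_GWLB_CLASS else None
        opts.append({"class": cls, "type": typ & 0x7F, "name": name, "data": payload[off + 4:off + 4 + dlen].hex()})
        off += 4 + dlen
    return hdr, opts, payload[opt_end:]

def parse_ipv4(pkt: bytes):
    """Decode the inner IPv4 fields that matter for NAT/route checks, verifying the header checksum."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4 or ipv4_checksum(pkt[:(pkt[0] & 0x0F) * 4]) != 0:
        raise ValueError("bad inner IPv4 header")
    _, _, length, ident, frag, ttl, proto, _, src, dst = struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    return {"src": str(IPv4Address(src)), "dst": str(IPv4Address(dst)), "ttl": ttl,
            "proto": proto, "id": ident, "df": bool(frag & 0x4000), "length": length}

def build_sample() -> bytes:
    """Constructed Geneve payload with the values from the post's tcpdump line (not a real capture)."""
    opts = (struct.pack("!HBB", AWS_GWLB_CLASS, 1, 2) + bytes.fromhex("487b51e2537e02c0")
            + struct.pack("!HBB", AWS_GWLB_CLASS, 2, 2) + bytes(8)
            + struct.pack("!HBB", AWS_GWLB_CLASS, 3, 1) + bytes.fromhex("adad5cf8"))
    icmp = struct.pack("!BBHHH", 8, 0, 0, 43, 53) + bytes(56)  # echo request id 43 seq 53, ICMP checksum left zero
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(icmp), 65408, 0x4000, 126, 1, 0,
                     IPv4Address("10.18.2.14").packed, IPv4Address("8.8.8.8").packed)
    ip = ip[:10] + struct.pack("!H", ipv4_checksum(ip)) + ip[12:]
    return struct.pack("!BBHI", len(opts) // 4, 0, 0x0800, 0) + opts + ip + icmp
```

AWS documents that an appliance behind GWLB must send traffic back to the GWLB with the same Geneve options it received, so being able to read the three TLVs is useful when checking what a VyOS box returns on the tunnel.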