Use this procedure to enable a DNS query from the PKT0 port via the HFE.
In the user-data, add the following lines ending in '#DNS Query', replacing the values in < > with the IPs identified in step 1:
sudo /bin/bash $HFE_FILE setup
/bin/echo "Configured using HFE script - $HFE_FILE" >> $LOG_FILE
sudo iptables -t nat -I POSTROUTING -o eth0 -s <Active SBC Pkt0 Primary IP> -j SNAT --to <HFE Eth0 primary IP> #DNS Query
sudo iptables -t nat -I POSTROUTING -o eth0 -s <Standby SBC Pkt0 Primary IP> -j SNAT --to <HFE Eth0 primary IP> #DNS Query
/bin/echo "Added rules to support DNS queries from SBC" >> $LOG_FILE #DNS Query
/bin/echo $(timestamp) " ========================= Done ==========================================" >> $LOG_FILE
--//
Use the following procedure to verify the changes:
Log in to the HFE node as ec2-user using the mgmt port.
Run sudo iptables -t nat -vnL.
In some Amazon Linux 2 AMIs, cloud-init does not fetch the latest user-data and instead uses a cached version.
If the new rules are not added, then perform the following steps:
sudo cat /var/lib/cloud/instance/user-data.txt
sudo rm -rf /var/lib/cloud/instances/*
sudo reboot
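
A scripted form of the verification step, as an added example that is not part of the original procedure: it reads the output of sudo iptables -t nat -S POSTROUTING on stdin and prints every SBC Pkt0 source IP that has no SNAT rule to the HFE eth0 IP. The function names and all IP addresses are assumptions made for illustration, and the -S listing is used instead of -vnL because its rule-per-line format is easier to parse.

```shell
#!/bin/sh
# Added example; not from the original page. All IPs below are constructed.
# On the HFE node, run it against the live rules with:
#   sudo iptables -t nat -S POSTROUTING | \
#       missing_snat_rules <HFE Eth0 primary IP> <Active Pkt0 IP> <Standby Pkt0 IP>

# Usage: missing_snat_rules HFE_IP SRC_IP...
# Prints each SRC_IP lacking "-o eth0 -j SNAT --to-source HFE_IP".
# Returns 0 when every source IP is covered, 1 otherwise.
missing_snat_rules() {
    hfe_ip="$1"; shift
    awk -v hfe="$hfe_ip" -v want="$*" '
        BEGIN { n = split(want, srcs, " ") }
        $1 == "-A" && $2 == "POSTROUTING" {
            src = out = tgt = to = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-s") src = $(i + 1)
                else if ($i == "-o") out = $(i + 1)
                else if ($i == "-j") tgt = $(i + 1)
                else if ($i == "--to-source") to = $(i + 1)
            }
            sub(/\/32$/, "", src)   # -S prints a host address as a /32 CIDR
            if (out == "eth0" && tgt == "SNAT" && to == hfe) seen[src] = 1
        }
        END {
            for (k = 1; k <= n; k++)
                if (!(srcs[k] in seen)) { print srcs[k]; bad = 1 }
            exit bad + 0
        }'
}

# Constructed sample of "iptables -t nat -S POSTROUTING" output after both
# rules are applied. -I inserts at the top, so the standby rule is listed first.
# iptables prints the --to option from the user-data as --to-source.
sample_rules() {
    cat <<'EOF'
-P POSTROUTING ACCEPT
-A POSTROUTING -s 10.54.20.12/32 -o eth0 -j SNAT --to-source 10.54.10.5
-A POSTROUTING -s 10.54.20.11/32 -o eth0 -j SNAT --to-source 10.54.10.5
EOF
}
```

An empty result with exit status 0 means both rules are in place; any printed IP is a source address whose DNS queries will not be translated to the HFE address.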