An internal customer reported a issue when the IMDS not able to reach the IMDS server if the default interface becomes an interface in which IMDS is not able to reached such as a local interface on the customer on-premise. The working fix is to use an interface which can call IMDS and use that as a parameter to curl --interface and store this interface name between calls.
Submitted a Draft PR and testing these changes:
#116
I will follow up once review and testing is completed.
UPDATE: This issue only applies to instance with multiple network interfaces. Ie Interface 1 is an ENI and Interface 2 is LNI (or something with blocked access to IMDS). Do not mistake for regular connectivity issues with single interfaces.
UPDATE1: We are holding off on merging this because of the high risk change and talking with EC2 NX to see if they can have IMDS guaranteed for a primary ENI.
An internal customer reported a issue when the IMDS not able to reach the IMDS server if the default interface becomes an interface in which IMDS is not able to reached such as a local interface on the customer on-premise. The working fix is to use an interface which can call IMDS and use that as a parameter to curl --interface and store this interface name between calls.
Submitted a Draft PR and testing these changes:
#116
I will follow up once review and testing is completed.
UPDATE: This issue only applies to instance with multiple network interfaces. Ie Interface 1 is an ENI and Interface 2 is LNI (or something with blocked access to IMDS). Do not mistake for regular connectivity issues with single interfaces.
UPDATE1: We are holding off on merging this because of the high risk change and talking with EC2 NX to see if they can have IMDS guaranteed for a primary ENI.