Open JulianCBC opened 2 years ago
At some point in the past, reverse path protection was enabled for Amazon Linux 2 AMIs, which causes the host to silently drop all NAT traffic.
My investigation of this issue also uncovered the requirement to disable source/destination checks on the ENIs attached to the NAT box.
This pull request adds patches to brute-force disable reverse path protection and brute-force enable source/destination checks.
This is probably overkill to actually fix the issues, but it works.
At some point in the past, reverse path protection was enabled for Amazon Linux 2 AMIs, which causes the host to silently drop all NAT traffic.
My investigation of this issue also uncovered the requirement to disable source/destination checks on the ENIs attached to the NAT box.
This pull request adds patches to brute-force disable reverse path protection and brute-force enable source/destination checks.
This is probably overkill to actually fix the issues, but it works.