AKS-Edge icon indicating copy to clipboard operation
AKS-Edge copied to clipboard
verified publisher icon Azure

[BUG] Multiple NIC configurations - Static IP Configuration requires unnecessary gateway address when using internal/non routed networks

Open erwinkersten opened this issue 1 year ago • 2 comments

Description: When I add additional network adapters to the AKS Edge Essentials configuration and opt for a static IP setup, I am required to provide values for all three fields: Ip4Address, Ip4GatewayAddress, and Ip4PrefixLength, even when configuring a flat, internal, or non-routable network. In such cases, the Ip4GatewayAddress is not necessary.

The issue arises because the system enforces the requirement to provide all three values, even though gateways aren’t relevant for certain internal networks.

{
...,
"LinuxNode": {
    ...,
    "SecondaryNetworks": [
      {
        "VMSwitchName": "INTERNAL",
        "Ip4Address": "192.168.175.10",
        "Ip4PrefixLength": 24
      }
    ]
  }
}

When I try to omit the Ip4GatewayAddress, I encounter the following error: Invalid values provided for the subnet details. Either provide values for all (Ip4Address, Ip4PrefixLength & Ip4GatewayAddress) or for none of them.

More details:

[10/21/2024 08:22:47] Invalid values provided for the subnet details. Either provide values for all (Ip4Address, Ip4PrefixLength & Ip4GatewayAddress) or for none of them.
[10/21/2024 08:22:47] Validating AksEdge network parameters...
[10/21/2024 08:22:47] 1 errors found in the deployment configuration. Fix errors before deployment
[10/21/2024 08:22:47] AksEdge - JSON configuration contains errors

Expected Behavior Specifying the Ip4GatewayAddress should not be a mandatory field, particularly when it is not required or relevant for internal or non-routable networks. The configuration should allow for the omission of this field in such cases.

Work arround: I can use a workaround by specifying a bogus gateway address, which allows me to deploy the configuration. However, this results in an unnecessary and incorrect gateway being configured, which doesn’t make sense for internal or non-routable networks.

erwinkersten avatar Oct 21 '24 14:10 erwinkersten

Multiple NIC feature support was added to allow explicit network connectivity (via internet) for specific workload requirements. To make this feasible, we enforce all the network properties for these secondary networks today.

Can you elaborate your scenario here on this internal/private network use?

parameshbabu avatar Dec 02 '24 22:12 parameshbabu

Hi @parameshbabu, thanks for your reaction! I believe the description of my use case is already covered in the issue details. To clarify, in our scenario, a second NIC is utilized to connect to APIs on a private, segregated, non-routable network. Specifically, we need to access a private network that lacks a router or gateway to other networks. Currently, we’re forced to configure a bogus gateway address, which doesn’t make sense for our setup. Please let me know if I’ve misunderstood your question or if you’d like further elaboration!

erwinkersten avatar Mar 03 '25 12:03 erwinkersten