Barracuda F-Series Firewalls using an AWS Instance with enhanced networking support must enable this feature after updating to firmware version 6.2.0 or higher. F-Series Firewalls installed using the 6.2.0 (or higher) HVM image from the marketplace do not need to enable enhanced networking; it is automatically enabled if the image is deployed on an Instance with enhanced networking support.
In this article:
Before You Begin
- Verify that you are using an Instance with enhanced networking support. For more information, see Public Cloud.
Verify that you are using an HVM image of the Barracuda NextGen Firewall F-Series. PVM images cannot be updated.
- Install AWS CLI. For more information, see https://aws.amazon.com/cli/
- You need the Instance ID for your F-Series Firewall Instance.
Step 1. Enable Enhanced Networking
- Shut down the AWS Instance.
On the client with the AWS CLI, open a shell and enter:
aws ec2 modify-instance-attribute --instance-id YOUR_INSTANCE_ID --sriov-net-support simple
To verify the changes in the AWS configuration, enter:
aws ec2 describe-instance-attribute --instance-id YOUR_INSTANCE_ID --attribute sriovNetSupport
- Start up the AWS Instance.
Step 2. Verify Driver
After the Instance is rebooted, you can verify if enhanced network is used by checking the driver used for the network interface.
- Log into the firewall via SSH.
ethtool -i INTERFACE_NAME.
- Verify that you are using the ixgbevf driver.