Suspected Bug: CDK fails Network Load Balancer deployment because ip-address-type is dual-stack, except it's not dual-stack

0

I have a Network Load Balancer with IP address type ipv4. The NLB is already deployed and has been deployed before. It's currently deployed in production, in fact. I have a CDK stack where two UDP listeners are added to the NLB; the NLB is deployed manually and the listeners are added via the CDK stack. When I try to redeploy the stack as part of my normal deployment pipeline, I get the following error:

RuntimeError: Error: UDP or TCP_UDP listeners cannot be added to a dualstack network load balancer.

But my NLB is not in dual-stack mode. I have also run this command from the AWS CLI:

aws elbv2 set-ip-address-type --load-balancer-arn arn:aws:elasticloadbalancing:**** --ip-address-type ipv4 --region ****

The command ran correctly but the issue persists. This happens whether I run cdk deploy from the shell or if it runs automatically in the pipeline.

2 Answers
0

It seems the issue is occurring because your NLB currently only supports IPv4, but you are trying to add UDP listeners which require the NLB to be in dual-stack mode to support both IPv4 and IPv6.

A few things you can try:

 aws elbv2 set-ip-address-type --load-balancer-arn load-balancer-arn --ip-address-type dualstack --region region
  • Remove any existing listeners on the NLB before adding the new UDP listeners.
  • Deploy the CDK stack again after setting the NLB to dual-stack mode. This should resolve the error about UDP listeners requiring dual-stack.
  • Verify in the AWS console that the IP address type of the NLB is now dual-stack before and after deploying the CDK changes.
EXPERT
answered a month ago
0

Thanks for the reply, but it seems that maybe you have misunderstood the issue. The error says that the NLB is dualstack (dualstack as in IPv4 and IPv6) while it is not. This same setup used to work fine and I'm inclined to think that maybe it's a bug in the current cdk release. The solution you propose is hard to test because the setup is in production and handles running traffic and I can't just remove the listeners. Setting up a test setup would be incredibly labour-intensive as it depends on some resources outside of my organisation. I don't understand why CDK keeps complaining about the load balancer being dualstack when it is not. And even after manually configuring it to be exclusively IPv4 the issue persists.

I have tried by the way to switch it over to dualstack from the awscli, the issue is that dualstack NLBs are not compatible with UDP listeners. So even if I detached the listeners and converted the NLB to dualstack and tried re-attaching the listeners, according to the docs it wouldn't work because UDP listeners need the NLB to be in IPv4 mode.

answered a month ago
