Enabling Enhanced Networking with the Elastic Network Adapter (ENA)¶
To enable enhanced networking on AWS, Netgate® pfSense® Plus Firewall/VPN/Router must be version 2.4.1 or above. Use the update wizard in the pfSense® Plus console to perform the update if necessary and then ENA can be enabled. Enabling ENA is outlined in the steps below:
Updating the Netgate pfSense® Plus Firewall/VPN/Router will force it to reboot and cause a disruption in service. Be sure to perform the update during a maintenance cycle.
Install AWS CLI. Documentation on the installation and use of AWS CLI can be found at https://aws.amazon.com/cli/
Determine the Instance ID for the pfSense® Plus Instance from the EC2 Console.
Stop the instance using Amazon EC2 console.
Enable the enhanced networking attribute by executing the following AWS CLI command:
aws ec2 modify-instance-attribute --instance-id i-042c16b65423b7dac --ena-support
Use the EC2 Console to start the pfSense® Plus Instance. Once the pfSense® Plus Instance has started, confirm that EnaSupport is enabled by executing the following AWS CLI command:
aws ec2 describe-instances --instance-ids i-042c16b65423b7dac --query 'Reservations.Instances.EnaSupport' [ true ]
Change the pfSense® Plus Instance Type to one that supports Enhanced Networking using the EC2 console. After selecting an Instance Type that supports Enhanced Networking use the EC2 console to stop the pfSense® Plus Instance.
To review the Instance Types please see: https://aws.amazon.com/ec2/instance-types/.
Once the pfSense® Plus Instance has stopped, use the EC2 Console to select the pfSense® Plus Instance and then under the Actions button select Instance Settings > Change Instance Type and select a new Instance Type.
In the EC2 Console the pfSense® Plus Instance should now show an Instance Type of m4.xlarge.
Using the EC2 console select the pfSense® Plus Instance and then under the Actions button select Instance State > Start.