cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marcus Sorensen <>
Subject Re: basic zone security groups
Date Thu, 14 Mar 2013 04:13:04 GMT
Yes, that's exactly what I did. ebtables -F on the instance's inbound
chain. It was the 'DefaultSharedNetworkOffering'. I assumed there were
at least ebtables rules to keep the VM from using IP addresses it
didn't own, but this was like I had security groups turned on, without
the ability to edit the default group. I'd look into it but I'm not
entirely sure what's supposed to happen, as I'm used to the advanced
networking zones sans security groups.

I'll file a bug in jira.

On Wed, Mar 13, 2013 at 9:45 PM, Ahmad Emneina <> wrote:
> If ebtables -F restores vm service(s)... it sounds like a bug.
> On Wed, Mar 13, 2013 at 8:42 PM, Marcus Sorensen <>wrote:
>> Quick question, I deployed a basic zone today on 4.1 for testing, and
>> I chose the default network provider WITHOUT security groups. The
>> result was that all of the instances deployed could not host services.
>> They could get out, but nothing could reach their IPs. I ran an
>> 'ebtables -t nat -L' and saw that there were rules set up for each
>> instance, but there were no security group settings available to
>> adjust. Is this a bug, or was I doing something wrong?

View raw message