cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jijun <jiju...@gmail.com>
Subject Re: Security Groups
Date Tue, 17 Sep 2013 02:38:07 GMT
that resolve my problem ,thanks a lot!

On 09/13/2013 06:13 PM, Lynch, Gerard wrote:
> By default XenServer (6.x) disables iptable/arptable checking over bridges
> in /etc/sysctl.conf
> - you'll need to ensure those are enabled.
>
> net.bridge.bridge-nf-call-iptables = 1
> net.bridge.bridge-nf-call-ip6tables = 0
> net.bridge.bridge-nf-call-arptables = 1
>
>
>
> On 13/09/2013 04:55, "Jijun" <jijunlx@gmail.com> wrote:
>
>> hi , i encounter the same problem,
>>
>> as i know, XenServer 6.2 need not  the CSP.
>>
>> but the ingress not be blocked by default. i can ping all the Vms in
>> that security group.
>>
>> i don't know why?
>>
>> Thanks.
>>
>> On 09/13/2013 02:02 AM, Michael Phillips wrote:
>>> So that is definitely going to be the issue. I missed that in the 8.2.7
>>> section of the install guide.
>>>
>>>> From: Sangeetha.Hariharan@citrix.com
>>>> To: dev@cloudstack.apache.org
>>>> Subject: RE: Security Groups
>>>> Date: Thu, 12 Sep 2013 17:19:16 +0000
>>>>
>>>> If you are using Xenserver hosts , can you make sure you have the CSP
>>>> packages installed?
>>>>
>>>> -Thanks
>>>> Sangeetha
>>>>
>>>> -----Original Message-----
>>>> From: Michael Phillips [mailto:mphilli7823@hotmail.com]
>>>> Sent: Thursday, September 12, 2013 9:33 AM
>>>> To: dev@cloudstack.apache.org
>>>> Subject: Security Groups
>>>>
>>>> I posed this question in the user list, but I figured I would throw it
>>>> out here as well...So If I have created a zone with the
>>>> "DefaultSharedNetworkOfferingWithSGService" network offering, then
>>>> created a VM using the default security group, which has 0 ingress
>>>> rules, I should NOT be able to do things like PING that VM correct? The
>>>> answer to the above question was answered "correct"...My next question
>>>> is, in that case what are some things I could look at to see why it's
>>>> not behaving as expected.
>>>>    		 	   		
>>>    		 	   		
>>
>> -- 
>> Thanks,
>> Jijun
>>
>>
>
> Information in this email including any attachments may be privileged, confidential and
is intended exclusively for the addressee. The views expressed may not be official policy,
but the personal views of the originator. If you have received it in error, please notify
the sender by return e-mail and delete it from your system. You should not reproduce, distribute,
store, retransmit, use or disclose its contents to anyone. Please note we reserve the right
to monitor all e-mail communication through our internal and external networks. SKY and the
SKY marks are trademarks of British Sky Broadcasting Group plc and Sky International AG and
are used under licence. British Sky Broadcasting Limited (Registration No. 2906991), Sky-In-Home
Service Limited (Registration No. 2067075) and Sky Subscribers Services Limited (Registration
No. 2340150) are direct or indirect subsidiaries of British Sky Broadcasting Group plc (Registration
No. 2247735). All of the companies mentioned in this paragraph are incorporated in England
and Wales and share the same registered office at Grant Way, Isleworth, Middlesex TW7 5QD.
>
>


-- 
Thanks,
Jijun



Mime
View raw message