cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jayapal Reddy Uradi <jayapalreddy.ur...@citrix.com>
Subject Re: Security Group bug impeding system VMs functionality
Date Wed, 16 Apr 2014 03:56:07 GMT
Hi Nux,

The paste links are does not exist.
Can you please upload the logs again. Also upload rules/logs specific to system rules are
not set.


Thanks,
Jayapal

On 11-Apr-2014, at 9:10 PM, Nux! <nux@li.nux.ro> wrote:

> Hello,
> 
> I'm on 4.3 right now, CentOS6.5 + KVM and SG ADV zone.
> What happens is that after a reboot or after disabling a zone, when the system VMs come
back the iptables rules required for their proper functioning do not get set.
> It seems to be happening randomly and it may not be affecting both VMs (S and V) at the
same time.
> 
> More info:
> http://paste.fedoraproject.org/93567/72307041/
> sg log: http://paste.fedoraproject.org/93564/23056713/
> 
> The problem always goes away if I stop/start the system VMs; the required iptables rules
get created, eg:
> -A s-105-VM -m physdev --physdev-in vnet3 --physdev-is-bridged -j RETURN
> -A s-105-VM -m physdev --physdev-in vnet2 --physdev-is-bridged -j RETURN
> -A s-105-VM -m physdev --physdev-in vnet1 --physdev-is-bridged -j RETURN
> -A s-105-VM -j ACCEPT
> -A v-106-VM -m physdev --physdev-in vnet6 --physdev-is-bridged -j RETURN
> -A v-106-VM -m physdev --physdev-in vnet5 --physdev-is-bridged -j RETURN
> -A v-106-VM -j ACCEPT
> 
> 
> If someone could have a look at this it'd be great. Let me know if more info is needed.
> 
> Lucian
> 
> -- 
> Sent from the Delta quadrant using Borg technology!
> 
> Nux!
> www.nux.ro


Mime
View raw message