cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ilya <ilya.mailing.li...@gmail.com>
Subject Re: Bug resolve for 4.5.2
Date Fri, 15 May 2015 01:51:36 GMT
Daan,

Thanks for heads up on 4.6 changes, nevertheless, quite of few folks 
will use 4.5 for at least a year before they upgrade to 4.6 or 4.7 by 
then, so we should still fix it in 4.5.

Regards
ilya

On 5/14/15 5:26 AM, Daan Hoogland wrote:
> Andrija, Marcus, Keep in mind that the vpc configuration scripts changed
> drastically in 4.6/master. The ms-called scripts are replaced by a json
> representation of the configuration that is processed on the VR. Any fix to
> the present set of scripts will be short lived.
>
> Op do 14 mei 2015 om 06:01 schreef Marcus <shadowsor@gmail.com>:
>
> This could be a good opportunity to get your hands dirty and submit a
>> patch! These iptables rules are managed by a handful of shell scripts.
>> There are some specific to VPC if I remember correctly, in /opt/cloud/bin
>> on the virtual router. You can get a history of what script was run and
>> with which parameters either I'm /var/log/cloud.out on the router or debug
>> logs on the agent where the router runs.
>> On May 13, 2015 2:57 PM, "Somesh Naidu" <Somesh.Naidu@citrix.com> wrote:
>>
>>> I believe the default network offering for Isolated Network
>>> (DefaultIsolatedNetworkOfferingWithSourceNatService) does the same. So I
>>> guess that may not be the problem.
>>>
>>> Regards,
>>> Somesh
>>>
>>> -----Original Message-----
>>> From: Andrija Panic [mailto:andrija.panic@gmail.com]
>>> Sent: Wednesday, May 13, 2015 12:14 PM
>>> To: dev@cloudstack.apache.org
>>> Subject: Re: Bug resolve for 4.5.2
>>>
>>> Is this maybe happening, because Im using everything of services on
>> single
>>> NEtwork offering : StaticNat, NetworkACL, PortForwarding, UserData, Vpn,
>>> SourceNat, Dns, Lb, Dhcp ?
>>> Maybe because of the design with some of the services ?
>>>
>>> Maybe I shouldnt use all stuff - although it doesnt make sense to me...
>>>
>>> On 12 May 2015 at 16:46, Andrija Panic <andrija.panic@gmail.com> wrote:
>>>
>>>> Hi Erik,
>>>>
>>>> Thanks for geting back to me.
>>>>
>>>> I have commented the issue and provided example from brand new ACS
>>>> installation, and new VPC, 1 network, 1 VM.
>>>>
>>>>
>> http://secure-web.cisco.com/1WU4eQfmrJcfhnrBedw7AyAJbKlVUQJ5VhSpUxxbUMahg8oXbGqUkLA33un89ck8JZJHs78G4VumAGMsOQokXJ5RK2_C1-omDL66nAwlgG_yoJCZQeR79XNTfU-ql5XbKf2H05s7s4AvWrJ8ZId2r8sE7sqyx2ls3eI4vgRQgET6fU_cPtUbtUth_vZTSVzhCoq8agNngtqqw9uXXKzMXCQ/http%3A%2F%2Fpastebin.com%2FihjiDZ9h
>>> - iptables-save from inside VR on pastebin -
>>>> this is brand new VPC (1 network, 1 VM in network) on 4.4.3 release.
>>>> http://snag.gy/V949g.jpg - ACS setup and "proof" :
>>>> XXX.39.228.155 - main VPC IP
>>>> XXX.39.228.156 - additional IP, configured Static NAT to private VM
>>>> 10.10.10.10
>>>> Connected to XXX39.228.156:22 - and done "netstat -antup | grep 22" -
>>>> remote connection seems to come from XXX.39.228.155 - main VPC IP.
>>>> This is ACS 4.4.3, Advanced Zone, KVM.
>>>>
>>>>
>>>> Thanks
>>>>
>>>> On 12 May 2015 at 14:43, Erik Weber <terbolous@gmail.com> wrote:
>>>>
>>>>> On Tue, May 12, 2015 at 2:31 PM, Andrija Panic <
>> andrija.panic@gmail.com
>>>>> wrote:
>>>>>
>>>>>> Hi dev team,
>>>>>>
>>>>>> I was wondering who would be willing to help with:
>>>>>> https://issues.apache.org/jira/browse/CLOUDSTACK-8451
>>>>>>
>>>>>> remote IP not seen in VM behind VPC...
>>>>>>
>>>>> Could you get the relevant iptables rule with 'iptables-save'?
>> obfuscate
>>>>> addresses etc. if you feel like it
>>>>>
>>>>> --
>>>>> Erik
>>>>>
>>>>
>>>>
>>>> --
>>>>
>>>> Andrija Panić
>>>>
>>>
>>>
>>> --
>>>
>>> Andrija Panić
>>>


Mime
View raw message