Return-Path: X-Original-To: apmail-cloudstack-users-archive@www.apache.org Delivered-To: apmail-cloudstack-users-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 435A3F9C7 for ; Tue, 30 Apr 2013 22:19:39 +0000 (UTC) Received: (qmail 95337 invoked by uid 500); 30 Apr 2013 22:19:38 -0000 Delivered-To: apmail-cloudstack-users-archive@cloudstack.apache.org Received: (qmail 95226 invoked by uid 500); 30 Apr 2013 22:19:38 -0000 Mailing-List: contact users-help@cloudstack.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: users@cloudstack.apache.org Delivered-To: mailing list users@cloudstack.apache.org Received: (qmail 95218 invoked by uid 99); 30 Apr 2013 22:19:38 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 30 Apr 2013 22:19:38 +0000 X-ASF-Spam-Status: No, hits=1.5 required=5.0 tests=HTML_MESSAGE,NORMAL_HTTP_TO_IP,RCVD_IN_DNSWL_LOW,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of aemneina@gmail.com designates 74.125.82.46 as permitted sender) Received: from [74.125.82.46] (HELO mail-wg0-f46.google.com) (74.125.82.46) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 30 Apr 2013 22:19:32 +0000 Received: by mail-wg0-f46.google.com with SMTP id e11so916973wgh.1 for ; Tue, 30 Apr 2013 15:19:12 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=x-received:mime-version:reply-to:in-reply-to:references:from:date :message-id:subject:to:content-type; bh=8ISm0weqPzm+do0DjWv/5m+Ovq3XPwmnuXEQqzlFS0U=; b=k+bFQsrZMJpDt8k3uevzGLP9izYiZ3zxwHfHcWbf7AopMU0C/TSJEMQ9KhGcnlG2Eh SvpvwePi/wkaDknqFEpBwVJnhDiacuMLWNs4Rg7sJarwPaVsrySQD93sMTRrft+hNeZ/ qPvoJVt79L6NFKKlrwBQv7TlOFvdsYDI5NLGnLIk1OoHfGNXJLmy9V/EVvRNdo0QMyB6 C6Iz0uvQyavY+TSgKo75pvLW+jPQUOojTXy8Xc4vHAhahmRAFX3mJBRpoRujdT0RwDQd H0SfHz1EjL+W2vkE8qNVgW5EOwePjHcVQ7t6SLpnVSu+OJiHZSouMlnriJK+K+vqZjqm 0aGA== X-Received: by 10.194.92.197 with SMTP id co5mr212287wjb.41.1367360352600; Tue, 30 Apr 2013 15:19:12 -0700 (PDT) MIME-Version: 1.0 Received: by 10.180.82.137 with HTTP; Tue, 30 Apr 2013 15:18:52 -0700 (PDT) Reply-To: aemneina@gmail.com In-Reply-To: References: From: Ahmad Emneina Date: Tue, 30 Apr 2013 15:18:52 -0700 Message-ID: Subject: Re: SSVM unable to connect to DNS To: Cloudstack users mailing list , Carlos Reategui Content-Type: multipart/alternative; boundary=047d7bf0cf5018c7a604db9b64f1 X-Virus-Checked: Checked by ClamAV on apache.org --047d7bf0cf5018c7a604db9b64f1 Content-Type: text/plain; charset=ISO-8859-1 looks like you cant route out to the internet. can you ping 8.8.8.8 directly from the ssvm? On Tue, Apr 30, 2013 at 3:09 PM, Carlos Reategui wrote: > The SSVM in my rebuilt setup does not appear to be able to connect to the > DNS servers. > > root@s-1-VM:~# /usr/local/cloud/systemvm/ssvm-check.sh > ================================================ > First DNS server is 172.30.20.176 > PING 172.30.20.176 (172.30.20.176): 56 data bytes > 64 bytes from 172.30.20.176: icmp_seq=0 ttl=127 time=0.714 ms > 64 bytes from 172.30.20.176: icmp_seq=1 ttl=127 time=0.681 ms > --- 172.30.20.176 ping statistics --- > 2 packets transmitted, 2 packets received, 0% packet loss > round-trip min/avg/max/stddev = 0.681/0.698/0.714/0.000 ms > Good: Can ping DNS server > ================================================ > ERROR: DNS not resolving download.cloud.com > resolv.conf follows > nameserver 172.30.20.176 > nameserver 172.30.20.175 > nameserver 172.30.20.176 > nameserver 172.30.20.175 > > root@s-1-VM:~# nslookup cloud.com > ;; connection timed out; no servers could be reached > > root@s-1-VM:~# nslookup > > server 8.8.8.8 > Default server: 8.8.8.8 > Address: 8.8.8.8#53 > > download.cloud.com > ;; connection timed out; no servers could be reached > > > > root@s-1-VM:~# iptables -L -n > Chain INPUT (policy DROP) > target prot opt source destination > ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp > dpt:443 > ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp > dpt:80 > ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp > dpt:3922 > ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state > RELATED,ESTABLISHED > ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state > RELATED,ESTABLISHED > ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state > RELATED,ESTABLISHED > ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state > RELATED,ESTABLISHED > ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 > DROP icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 13 > ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 > ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp > dpt:3922 > > Chain FORWARD (policy DROP) > target prot opt source destination > > Chain OUTPUT (policy ACCEPT) > target prot opt source destination > REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp > dpt:80 reject-with icmp-port-unreachable > REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp > dpt:443 reject-with icmp-port-unreachable > > Chain HTTP (0 references) > target prot opt source destination > > > Where should I look next? > > thanks > Carlos > --047d7bf0cf5018c7a604db9b64f1--