cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kirk Kosinski <>
Subject Re: stumped on Adv Network, SNAT
Date Wed, 18 Sep 2013 22:27:49 GMT
Hi, Noel.  Are you sure the traffic is not being sent out of the public
interface of the virtual router?  Can you log on and verify with
tcpdump?  If it really is not being sent out, try a stop/start of the
virtual router, and if that doesn't help, a destroy/recreate.  From the
described symptoms it seems like something is "messed up" in the virtual
router, and in such cases letting CloudStack reconfigure or recreate it
is usually the easiest solution.

Best regards,

On 09/13/2013 08:00 AM, Noel Kendall wrote:
> Had a successful 4.0.1 implementation.
> However, since upgrade to 4.1
> Guest system, on VLAN isolated advanced network, has a public IP...
> Have set egress on the network to let everything out.
> Forwarding SSH, WWW, HTTPS to guest, this works just fine.
> Guest is able to resolve DNS ... masq on the VR appears to operate fine.
> Traffic from guest directed to internet makes it to the VR just fine.
> Traffic from the VR to the internet makes it out and back just fine.
> IPTables shows an SNAT rule, which SNATs everything to the public IP.
> Routing table shows correct default gateway.
> Routing table shows public ip subnet routed out ethx interfaces just fine.
> Problem is... no outbound internet traffic is being routed by the VR from theinternal
eth0 interface to the external ethx interface. It's as though the packetsare being dropped,
not routed by the kernel.
> I am so close to having environment working, but am stumped at this point. From what
I can see,the VR looks right, guest looks right, CS network interface (FW rules, Forward rules)
look right.
> Any hints?
> Regards, N 		 	   		  

View raw message