cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sanjeev Neelarapu <sanjeev.neelar...@citrix.com>
Subject RE: Security Groups
Date Thu, 19 Sep 2013 07:24:21 GMT
By default xen6.0.2 comes with openvswitch. Set it to bridge mode by using : "xe-switch-network-backend
bridge" command on xenserver.

-----Original Message-----
From: Michael Phillips [mailto:mphilli7823@hotmail.com] 
Sent: Thursday, September 19, 2013 10:16 AM
To: users@cloudstack.apache.org
Subject: RE: Security Groups

Sorry posted the wrong thing...please view this.
http://pastebin.com/NF28fpq7

> From: jayapalreddy.uradi@citrix.com
> To: users@cloudstack.apache.org
> Subject: Re: Security Groups
> Date: Thu, 19 Sep 2013 04:40:14 +0000
> 
> There are no cloudstack configured  iptables rules on your xen host.
> It seems iptables are stopped on the host ? 
> 
> Please check is CSP installed correctly not he host.
> Please try to force connect or host once.
> 
> 
> Thanks,
> Jayapal
> 
> 
> 
> On 19-Sep-2013, at 9:50 AM, Michael Phillips <mphilli7823@hotmail.com>
>  wrote:
> 
> > http://pastebin.com/xf9SBzVY
> > 
> >> From: jayapalreddy.uradi@citrix.com
> >> To: users@cloudstack.apache.org
> >> Subject: Re: Security Groups
> >> Date: Thu, 19 Sep 2013 03:54:51 +0000
> >> 
> >> Hi,
> >> Can you please share  host 'iptables -L -nv' output on pastebin
> >> 
> >> Thanks,
> >> Jayapal
> >> 
> >> On 19-Sep-2013, at 8:04 AM, Michael Phillips 
> >> <mphilli7823@hotmail.com>
> >> wrote:
> >> 
> >>> Having troubles getting security groups to function My "test" 
> >>> environment is as follows:
> >>> Cloudstack 4.1.1 on centos6.4Xen Server 6.0.2, CSP installed, 
> >>> iptables running...not sure if it needs to be but it is by default, all
xen patches installed.Primary Storage = iscsiSecondary Storage = nfs on mgmt serverSystem
VM's and router are running as expected.Network = flat 192.168.50.0/24 I then create 2 instances(vm's)
based on the centos5.6 template provided and assign them to the "default" security group.
The instances are able to "ping" each other, and I thought the expected behavior is that they
should not be able to, since the default security group has 0 ingress rules which should block
all inbound traffic.
> >>> What could I be missing??
> >>> 
> >>> 
> >>> 
> >>> 		 	   		  
> >> 
> > 		 	   		  
> 
 		 	   		  

Mime
View raw message