cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Matthew Midgett <supp...@trickhosting.biz>
Subject Re: Help with SSVM routes
Date Fri, 04 Apr 2014 14:33:03 GMT
This is the correct statement. I had cloudbr3 which was incorrect.

I do not see cloudbr2 which is connected to my public interface. I'm no 
iptables expert so if you  can help  with the commands to add to this 
list it would be very helpful.


Sent from my Galaxy S®III

-------- Original message --------
From: Matthew Midgett <support@trickhosting.biz> 
Date:04/04/2014  10:07 AM  (GMT-05:00) 
To: "users@cloudstack.apache.org >> "users@cloudstack.apache.org"" <users@cloudstack.apache.org>

Subject: Re: Help with SSVM routes 

My network admin asked to change the managment ip addresses so now they 
are a 172.16.0.0/16 I wiped the database and setup  the system again. I 
am still having problems resolving dns from inside of ssvm. Its wierd I 
can telnet / ssh out to my mail server by using the ip address. The 
only  thing I can think of is the iptables on my host must be wrong. Can 
someone  please look at this and tell me what to do.

I do not see cloudbr3 which is connected to my public interface. I'm no 
iptables expert so if you  can help  with the commands to add to this 
list it would be very helpful.


[root@cst2 ~]# cat /etc/sysconfig/iptables
# Generated by iptables-save v1.4.7 on Fri Apr  4 09:32:17 2014
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:BF-breth2-101 - [0:0]
:BF-breth2-101-IN - [0:0]
:BF-breth2-101-OUT - [0:0]
:BF-cloud0 - [0:0]
:BF-cloud0-IN - [0:0]
:BF-cloud0-OUT - [0:0]
:BF-cloudbr0 - [0:0]
:BF-cloudbr0-IN - [0:0]
:BF-cloudbr0-OUT - [0:0]
-A INPUT -i virbr0 -p tcp -m tcp --dport 67 -j ACCEPT
-A INPUT -i virbr0 -p tcp -m tcp --dport 67 -j ACCEPT
-A INPUT -i virbr0 -p udp -m udp --dport 67 -j ACCEPT
-A INPUT -i virbr0 -p tcp -m tcp --dport 67 -j ACCEPT
-A INPUT -s 172.16.0.0/16 -p udp -m state --state NEW -m udp --dport 111 
-j ACCEPT
-A INPUT -s 172.16.0.0/16 -p tcp -m state --state NEW -m tcp --dport 111 
-j ACCEPT
-A INPUT -s 172.16.0.0/16 -p tcp -m state --state NEW -m tcp --dport 
2049 -j ACCEPT
-A INPUT -s 172.16.0.0/16 -p tcp -m state --state NEW -m tcp --dport 
32803 -j ACCEPT
-A INPUT -s 172.16.0.0/16 -p udp -m state --state NEW -m udp --dport 
32769 -j ACCEPT
-A INPUT -s 172.16.0.0/16 -p tcp -m state --state NEW -m tcp --dport 892 
-j ACCEPT
-A INPUT -s 172.16.0.0/16 -p udp -m state --state NEW -m udp --dport 892 
-j ACCEPT
-A INPUT -s 172.16.0.0/16 -p tcp -m state --state NEW -m tcp --dport 875 
-j ACCEPT
-A INPUT -s 172.16.0.0/16 -p udp -m state --state NEW -m udp --dport 875 
-j ACCEPT
-A INPUT -s 172.16.0.0/16 -p tcp -m state --state NEW -m tcp --dport 662 
-j ACCEPT
-A INPUT -i virbr0 -p tcp -m tcp --dport 67 -j ACCEPT
-A INPUT -i virbr0 -p udp -m udp --dport 67 -j ACCEPT
-A INPUT -i virbr0 -p tcp -m tcp --dport 67 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 49152:49216 -j ACCEPT
-A INPUT -i virbr0 -p udp -m udp --dport 67 -j ACCEPT
-A INPUT -i virbr0 -p tcp -m tcp --dport 67 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 5900:6100 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 16509 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A FORWARD -o cloud0 -m physdev --physdev-is-bridged -j BF-cloud0
-A FORWARD -i cloud0 -m physdev --physdev-is-bridged -j BF-cloud0
-A FORWARD -o cloud0 -j DROP
-A FORWARD -i cloud0 -j DROP
-A FORWARD -o breth2-101 -m physdev --physdev-is-bridged -j BF-breth2-101
-A FORWARD -i breth2-101 -m physdev --physdev-is-bridged -j BF-breth2-101
-A FORWARD -o breth2-101 -j DROP
-A FORWARD -i breth2-101 -j DROP
-A FORWARD -o cloudbr0 -m physdev --physdev-is-bridged -j BF-cloudbr0
-A FORWARD -i cloudbr0 -m physdev --physdev-is-bridged -j BF-cloudbr0
-A FORWARD -o cloudbr0 -j DROP
-A FORWARD -i cloudbr0 -j DROP
-A BF-breth2-101 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A BF-breth2-101 -m physdev --physdev-is-in --physdev-is-bridged -j 
BF-breth2-101-IN
-A BF-breth2-101 -m physdev --physdev-is-out --physdev-is-bridged -j 
BF-breth2-101-OUT
-A BF-breth2-101 -m physdev --physdev-out eth2.101 --physdev-is-bridged 
-j ACCEPT
-A BF-cloud0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A BF-cloud0 -m physdev --physdev-is-in --physdev-is-bridged -j 
BF-cloud0-IN
-A BF-cloud0 -m physdev --physdev-is-out --physdev-is-bridged -j 
BF-cloud0-OUT
-A BF-cloud0 -m physdev --physdev-out vnet0 --physdev-is-bridged -j ACCEPT
-A BF-cloudbr0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A BF-cloudbr0 -m physdev --physdev-is-in --physdev-is-bridged -j 
BF-cloudbr0-IN
-A BF-cloudbr0 -m physdev --physdev-is-out --physdev-is-bridged -j 
BF-cloudbr0-OUT
-A BF-cloudbr0 -m physdev --physdev-out eth0 --physdev-is-bridged -j ACCEPT
COMMIT
# Completed on Fri Apr  4 09:32:17 2014
# Generated by iptables-save v1.4.7 on Fri Apr  4 09:32:17 2014
*mangle
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT
# Completed on Fri Apr  4 09:32:17 2014
# Generated by iptables-save v1.4.7 on Fri Apr  4 09:32:17 2014
*nat
:PREROUTING ACCEPT [92:16743]
:POSTROUTING ACCEPT [575:38614]
:OUTPUT ACCEPT [575:38614]
COMMIT
# Completed on Fri Apr  4 09:32:17 2014




On 04/03/2014 08:04 PM, Matthew Midgett wrote:
> I have made some changes to my network but I am still unable to ping 
> my internal lan from ssvm or anything past my public gateway. From the 
> internet I can ping the public ip of ssvm and console proxy so i know 
> that they are online.  I've included all that I can think of. If you 
> need more info please  tell me what it is.
>
>
> I am using CT 4.3 on Centos 6.5 64bit with KVM as a hypervisor
>
> Each of my hosts has 4 nics
>
> eth0 = managment ip - not bridged to to fencing problem with clvm
> eth1 = cloudbr0 - Managment network
> eth2 = cloudbr1 - Guest network - Not routable
> eth3 = cloudbr2 - Public Network
>
>
>
> cat  /etc/sysconfig/network-scripts/ifcfg-eth0
> DEVICE="eth0"
> BOOTPROTO=static
> HWADDR="78:E7:D1:8E:2F:AE"
> NM_CONTROLLED="none"
> ONBOOT=yes
> TYPE="Ethernet"
> IPADDR=10.0.0.11
> NETMASK=255.255.0.0
> GATEWAY=10.0.0.1
>
> cat  /etc/sysconfig/network-scripts/ifcfg-eth1
> DEVICE=eth1
> BOOTPROTO=none
> HWADDR=78:E7:D1:8E:2F:B0
> ONBOOT=yes
> USERCTL=no
> NM_CONTROLLED=no
> BRIDGE=cloudbr0
>
> cat  /etc/sysconfig/network-scripts/ifcfg-eth2
> DEVICE=eth2
> BOOTPROTO=none
> HWADDR=78:E7:D1:8E:2F:B2
> ONBOOT=yes
> USERCTL=no
> BRIDGE=cloudbr1
> NM_CONTROLLED=no
>
> cat  /etc/sysconfig/network-scripts/ifcfg-eth3
> DEVICE=eth3
> BOOTPROTO=none
> HWADDR=78:E7:D1:8E:2F:B4
> ONBOOT=yes
> USERCTL=no
> BRIDGE=cloudbr2
> NM_CONTROLLED=yes
>
> cat  /etc/sysconfig/network-scripts/ifcfg-cloudbr0
> DEVICE=cloudbr0
> NM_CONTROLLED=no
> ONBOOT=yes
> TYPE=Bridge
>
> NAME=cloudbr0cat  /etc/sysconfig/network-scripts/ifcfg-cloudbr1
> DEVICE=cloudbr1
> NM_CONTROLLED=no
> ONBOOT=yes
> TYPE=Bridge
> NAME=cloudbr1
>
>
> cat  /etc/sysconfig/network-scripts/ifcfg-cloudbr2
> DEVICE=cloudbr2
> NM_CONTROLLED=no
> ONBOOT=yes
> TYPE=Bridge
> BOOTPROTO=none
> NAME=cloudbr2
>
> This is from my host agent
>
> cloud0    Link encap:Ethernet  HWaddr FE:00:A9:FE:01:AC
>           inet addr:169.254.0.1  Bcast:169.254.255.255 Mask:255.255.0.0
>           inet6 addr: fe80::b8d2:12ff:fe3b:b29e/64 Scope:Link
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:294 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:441 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:0
>           RX bytes:32944 (32.1 KiB)  TX bytes:35436 (34.6 KiB)
>
> cloudbr0  Link encap:Ethernet  HWaddr 78:E7:D1:8E:2F:B0
>           inet6 addr: fe80::7ae7:d1ff:fe8e:2fb0/64 Scope:Link
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:5258 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:10 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:0
>           RX bytes:320858 (313.3 KiB)  TX bytes:848 (848.0 b)
>
> cloudbr1  Link encap:Ethernet  HWaddr 78:E7:D1:8E:2F:B2
>           inet6 addr: fe80::7ae7:d1ff:fe8e:2fb2/64 Scope:Link
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:4574 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:10 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:0
>           RX bytes:259539 (253.4 KiB)  TX bytes:848 (848.0 b)
>
> cloudbr2  Link encap:Ethernet  HWaddr 78:E7:D1:8E:2F:B4
>           inet6 addr: fe80::7ae7:d1ff:fe8e:2fb4/64 Scope:Link
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:15993 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:10 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:0
>           RX bytes:790730 (772.1 KiB)  TX bytes:848 (848.0 b)
>
> eth0      Link encap:Ethernet  HWaddr 78:E7:D1:8E:2F:AE
>           inet addr:10.0.0.11  Bcast:10.0.255.255 Mask:255.255.0.0
>           inet6 addr: fe80::7ae7:d1ff:fe8e:2fae/64 Scope:Link
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:324715 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:182088 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:1000
>           RX bytes:462054590 (440.6 MiB)  TX bytes:15619811 (14.8 MiB)
>
> eth1      Link encap:Ethernet  HWaddr 78:E7:D1:8E:2F:B0
>           inet6 addr: fe80::7ae7:d1ff:fe8e:2fb0/64 Scope:Link
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:10905 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:291 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:1000
>           RX bytes:1350186 (1.2 MiB)  TX bytes:18822 (18.3 KiB)
>
> eth2      Link encap:Ethernet  HWaddr 78:E7:D1:8E:2F:B2
>           inet6 addr: fe80::7ae7:d1ff:fe8e:2fb2/64 Scope:Link
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:4573 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:11 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:1000
>           RX bytes:341807 (333.7 KiB)  TX bytes:902 (902.0 b)
>
> eth3      Link encap:Ethernet  HWaddr 78:E7:D1:8E:2F:B4
>           inet6 addr: fe80::7ae7:d1ff:fe8e:2fb4/64 Scope:Link
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:17230 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:362 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:1000
>           RX bytes:1169067 (1.1 MiB)  TX bytes:32704 (31.9 KiB)
>
> lo        Link encap:Local Loopback
>           inet addr:127.0.0.1  Mask:255.0.0.0
>           inet6 addr: ::1/128 Scope:Host
>           UP LOOPBACK RUNNING  MTU:16436  Metric:1
>           RX packets:158 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:158 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:0
>           RX bytes:16172 (15.7 KiB)  TX bytes:16172 (15.7 KiB)
>
> virbr0    Link encap:Ethernet  HWaddr 52:54:00:7E:4D:34
>           inet addr:192.168.122.1  Bcast:192.168.122.255 
> Mask:255.255.255.0
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:0 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:0
>           RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
>
> virbr0-nic Link encap:Ethernet  HWaddr 52:54:00:7E:4D:34
>           BROADCAST MULTICAST  MTU:1500  Metric:1
>           RX packets:0 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:500
>           RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
>
> vnet0     Link encap:Ethernet  HWaddr FE:00:A9:FE:03:F4
>           inet6 addr: fe80::fc00:a9ff:fefe:3f4/64 Scope:Link
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:16 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:104 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:500
>           RX bytes:1240 (1.2 KiB)  TX bytes:5032 (4.9 KiB)
>
> vnet1     Link encap:Ethernet  HWaddr FE:A3:00:00:6D:24
>           inet6 addr: fe80::fca3:ff:fe00:6d24/64 Scope:Link
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:2061 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:5113 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:500
>           RX bytes:153845 (150.2 KiB)  TX bytes:357965 (349.5 KiB)
>
> vnet2     Link encap:Ethernet  HWaddr FE:12:CE:00:FE:FF
>           inet6 addr: fe80::fc12:ceff:fe00:feff/64 Scope:Link
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:19 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:15984 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:500
>           RX bytes:1086 (1.0 KiB)  TX bytes:1014711 (990.9 KiB)
>
> vnet3     Link encap:Ethernet  HWaddr FE:00:A9:FE:01:AC
>           inet6 addr: fe80::fc00:a9ff:fefe:1ac/64 Scope:Link
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:257 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:385 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:500
>           RX bytes:34166 (33.3 KiB)  TX bytes:32236 (31.4 KiB)
>
> vnet4     Link encap:Ethernet  HWaddr FE:00:3C:00:09:60
>           inet6 addr: fe80::fc00:3cff:fe00:960/64 Scope:Link
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:244 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:1173 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:500
>           RX bytes:17504 (17.0 KiB)  TX bytes:82457 (80.5 KiB)
>
> vnet5     Link encap:Ethernet  HWaddr FE:B4:E8:00:0B:01
>           inet6 addr: fe80::fcb4:e8ff:fe00:b01/64 Scope:Link
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:165 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:4251 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:500
>           RX bytes:14386 (14.0 KiB)  TX bytes:272597 (266.2 KiB)
>
> vnet6     Link encap:Ethernet  HWaddr FE:7E:DC:00:36:54
>           inet6 addr: fe80::fc7e:dcff:fe00:3654/64 Scope:Link
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:4 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:1143 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:500
>           RX bytes:408 (408.0 b)  TX bytes:80603 (78.7 KiB)
>
> vnet7     Link encap:Ethernet  HWaddr FE:00:A9:FE:02:22
>           inet6 addr: fe80::fc00:a9ff:fefe:222/64 Scope:Link
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:21 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:84 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:500
>           RX bytes:1654 (1.6 KiB)  TX bytes:4288 (4.1 KiB)
>
> vnet8     Link encap:Ethernet  HWaddr FE:2F:DE:00:04:2B
>           inet6 addr: fe80::fc2f:deff:fe00:42b/64 Scope:Link
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:242 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:1184 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:500
>           RX bytes:16824 (16.4 KiB)  TX bytes:83099 (81.1 KiB)
>
> vnet9     Link encap:Ethernet  HWaddr FE:F1:AC:00:0B:02
>           inet6 addr: fe80::fcf1:acff:fe00:b02/64 Scope:Link
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:190 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:4292 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:500
>           RX bytes:16664 (16.2 KiB)  TX bytes:276172 (269.6 KiB)
>
> == END   ifconfig -a ==
>
> == BEGIN brctl show ==
> bridge name    bridge id        STP enabled    interfaces
> cloud0        8000.fe00a9fe01ac    no        vnet0
>                             vnet3
>                             vnet7
> cloudbr0        8000.78e7d18e2fb0    no        eth1
>                             vnet1
>                             vnet4
>                             vnet6
>                             vnet8
> cloudbr1        8000.78e7d18e2fb2    no        eth2
> cloudbr2        8000.78e7d18e2fb4    no        eth3
>                             vnet2
>                             vnet5
>                             vnet9
> virbr0        8000.5254007e4d34    yes        virbr0-nic
> == END   brctl show ==
>
> == BEGIN route -n ==
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags Metric Ref
Use 
> Iface
> 192.168.122.0   0.0.0.0         255.255.255.0   U     0 0       
0 virbr0
> 10.0.0.0        0.0.0.0         255.255.0.0     U     0 0       
0 eth0
> 169.254.0.0     0.0.0.0         255.255.0.0     U     0 0       
0 cloud0
> 0.0.0.0         10.0.0.1        0.0.0.0         UG    0 0       
0 eth0
> == END   route -n ==
>
> == BEGIN sysctl -a | grep .rp_filter ==
> net.ipv4.conf.all.rp_filter = 0
> net.ipv4.conf.all.arp_filter = 0
> net.ipv4.conf.default.rp_filter = 1
> net.ipv4.conf.default.arp_filter = 0
> net.ipv4.conf.lo.rp_filter = 1
> net.ipv4.conf.lo.arp_filter = 0
> net.ipv4.conf.eth0.rp_filter = 1
> net.ipv4.conf.eth0.arp_filter = 0
> net.ipv4.conf.eth1.rp_filter = 1
> net.ipv4.conf.eth1.arp_filter = 0
> net.ipv4.conf.eth2.rp_filter = 1
> net.ipv4.conf.eth2.arp_filter = 0
> net.ipv4.conf.eth3.rp_filter = 1
> net.ipv4.conf.eth3.arp_filter = 0
> net.ipv4.conf.cloudbr0.rp_filter = 1
> net.ipv4.conf.cloudbr0.arp_filter = 0
> net.ipv4.conf.cloudbr1.rp_filter = 1
> net.ipv4.conf.cloudbr1.arp_filter = 0
> net.ipv4.conf.cloudbr2.rp_filter = 1
> net.ipv4.conf.cloudbr2.arp_filter = 0
> net.ipv4.conf.virbr0.rp_filter = 1
> net.ipv4.conf.virbr0.arp_filter = 0
> net.ipv4.conf.virbr0-nic.rp_filter = 1
> net.ipv4.conf.virbr0-nic.arp_filter = 0
> net.ipv4.conf.cloud0.rp_filter = 1
> net.ipv4.conf.cloud0.arp_filter = 0
> net.ipv4.conf.vnet0.rp_filter = 1
> net.ipv4.conf.vnet0.arp_filter = 0
> net.ipv4.conf.vnet1.rp_filter = 1
> net.ipv4.conf.vnet1.arp_filter = 0
> net.ipv4.conf.vnet2.rp_filter = 1
> net.ipv4.conf.vnet2.arp_filter = 0
> net.ipv4.conf.vnet3.rp_filter = 1
> net.ipv4.conf.vnet3.arp_filter = 0
> net.ipv4.conf.vnet4.rp_filter = 1
> net.ipv4.conf.vnet4.arp_filter = 0
> net.ipv4.conf.vnet5.rp_filter = 1
> net.ipv4.conf.vnet5.arp_filter = 0
> net.ipv4.conf.vnet6.rp_filter = 1
> net.ipv4.conf.vnet6.arp_filter = 0
> net.ipv4.conf.vnet7.rp_filter = 1
> net.ipv4.conf.vnet7.arp_filter = 0
> net.ipv4.conf.vnet8.rp_filter = 1
> net.ipv4.conf.vnet8.arp_filter = 0
> net.ipv4.conf.vnet9.rp_filter = 1
> net.ipv4.conf.vnet9.arp_filter = 0
> == END   sysctl -a | grep .rp_filter ==
>
> == BEGIN ip rule show ==
> 0:    from all lookup local
> 32766:    from all lookup main
> 32767:    from all lookup default
> == END   ip rule show ==
>
> == BEGIN ip route show ==
> 192.168.122.0/24 dev virbr0  proto kernel  scope link  src 192.168.122.1
> 10.0.0.0/16 dev eth0  proto kernel  scope link  src 10.0.0.11
> 169.254.0.0/16 dev cloud0  proto kernel  scope link  src 169.254.0.1
> default via 10.0.0.1 dev eth0
> == END   ip route show ==
>
> == BEGIN cat /etc/resolv.conf ==
> ; generated by /sbin/dhclient-script
> search charlottlecolo.com charlottecolo.com
> nameserver 10.0.0.1
> nameserver 8.8.8.8
> nameserver 8.8.4.4
> nameserver 216.249.98.12
> nameserver 216.249.98.13
> == END   cat /etc/resolv.conf ==
>
>
> Now this is from SSVM
>
> root@s-1-VM:~#  /usr/local/cloud/systemvm/ssvm-check.sh
> ================================================
> First DNS server is  8.8.8.8
> PING 8.8.8.8 (8.8.8.8): 48 data bytes
> --- 8.8.8.8 ping statistics ---
> 2 packets transmitted, 0 packets received, 100% packet loss
> WARNING: cannot ping DNS server
> route follows
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags Metric Ref
Use 
> Iface
> 0.0.0.0         216.249.111.1   0.0.0.0         UG    0 0       
0 eth2
> 8.8.4.4         10.0.0.1        255.255.255.255 UGH   0 0       
0 eth1
> 8.8.8.8         10.0.0.1        255.255.255.255 UGH   0 0       
0 eth1
> 10.0.0.0        0.0.0.0         255.255.0.0     U     0 0       
0 eth1
> 10.0.0.0        0.0.0.0         255.255.0.0     U     0 0       
0 eth3
> 169.254.0.0     0.0.0.0         255.255.0.0     U     0 0       
0 eth0
> 216.249.111.0   0.0.0.0         255.255.255.0   U     0 0       
0 eth2
> ================================================
> ERROR: DNS not resolving download.cloud.com
> resolv.conf follows
> nameserver 8.8.8.8
> nameserver 8.8.4.4
> nameserver 8.8.8.8
> nameserver 8.8.4.4
> root@s-1-VM:~# ping 10.0.0.1
> PING 10.0.0.1 (10.0.0.1): 48 data bytes
> ^C--- 10.0.0.1 ping statistics ---
> 6 packets transmitted, 0 packets received, 100% packet loss
>
> root@s-1-VM:/etc/network# cat interfaces
> auto lo eth0 eth1 eth2
> iface lo inet loopback
>
> iface  eth0 inet static
>   address 169.254.1.172
>   netmask 255.255.0.0
> iface  eth1 inet static
>   address 10.0.19.95
>   netmask 255.255.0.0
> iface  eth2 inet static
>   address 216.249.111.2
>   netmask 255.255.255.0
>
> auto eth3
> iface  eth3 inet static
>   address 10.0.93.86
>   netmask 255.255.0.0
>
>
>
>
>
>
>
>
> On 03/27/2014 01:28 PM, Matthew Midgett wrote:
>> Yes the whole 10.0.0.0/16 is behind our firewall and has Internet 
>> access.
>>
>>
>> On 03/27/2014 01:22 PM, Erik Weber wrote:
>>> Does your management network have internet access? CS routes 
>>> internal dns
>>> over mgmt network and if your mgmt network doesnt have internet access
>>> you're basically without dns if you specify the same dns servers (Looks
>>> like you did).
>>>
>>> Erik
>>> 27. mars 2014 17:57 skrev "Matthew Midgett" <support@trickhosting.biz>
>>> følgende:
>>>
>>>> I am having trouble getting ssvm to connect to the management lan 
>>>> over the
>>>> private ip. Also I can't get it connect to the outside world. I can 
>>>> ping
>>>> the public gateway from ssvm and I can ping the public ip of the 
>>>> ssvm from
>>>> an external address. Something I noticed is that I can't ping 
>>>> anything on
>>>> the management lan from the ssvm.
>>>>
>>>> BTW my primary storage is on fiber so its really not across the 
>>>> management
>>>> lan. My secondary storage is on the management lan.
>>>>
>>>> Management lan / Storage Network
>>>>
>>>> 10.0.0.0/16
>>>>
>>>> Guest Lan
>>>>
>>>> 10.1.0.0/16
>>>>
>>>> Public
>>>> 216.249.111.0/24
>>>>
>>>> root@s-34191-VM:~# /usr/local/cloud/systemvm/./ssvm-check.sh
>>>> ================================================
>>>> First DNS server is  8.8.8.8
>>>> PING 8.8.8.8 (8.8.8.8): 56 data bytes
>>>> --- 8.8.8.8 ping statistics ---
>>>> 2 packets transmitted, 0 packets received, 100% packet loss
>>>> WARNING: cannot ping DNS server
>>>> route follows
>>>> Kernel IP routing table
>>>> Destination     Gateway         Genmask         Flags
Metric Ref 
>>>> Use Iface
>>>> 0.0.0.0         216.249.111.1   0.0.0.0         UG   
0 0        0 
>>>> eth2
>>>> 8.8.4.4         10.0.0.1        255.255.255.255 UGH   0
0        0 
>>>> eth1
>>>> 8.8.8.8         10.0.0.1        255.255.255.255 UGH   0
0        0 
>>>> eth1
>>>> 10.0.0.0        10.0.0.1        255.255.255.0   UG   
0 0        0 
>>>> eth1
>>>> 10.0.0.0        0.0.0.0         255.255.0.0     U    
0 0        0 
>>>> eth1
>>>> 10.0.0.0        0.0.0.0         255.255.0.0     U    
0 0        0 
>>>> eth3
>>>> 169.254.0.0     0.0.0.0         255.255.0.0     U    
0 0        0 
>>>> eth0
>>>> 216.249.111.0   0.0.0.0         255.255.255.0   U     0 0       
0 
>>>> eth2
>>>> ================================================
>>>> ERROR: DNS not resolving download.cloud.com
>>>> resolv.conf follows
>>>> nameserver 8.8.8.8
>>>> nameserver 8.8.4.4
>>>> nameserver 8.8.8.8
>>>> nameserver 8.8.4.4
>>>>
>>>> root@s-34191-VM:~# ifconfig
>>>> eth0      Link encap:Ethernet  HWaddr 0e:00:a9:fe:00:86
>>>>            inet addr:169.254.0.134  Bcast:169.254.255.255 
>>>> Mask:255.255.0.0
>>>>            inet6 addr: fe80::c00:a9ff:fefe:86/64 Scope:Link
>>>>            UP BROADCAST RUNNING MULTICAST  MTU:1500 Metric:1
>>>>            RX packets:997 errors:0 dropped:0 overruns:0 frame:0
>>>>            TX packets:763 errors:0 dropped:0 overruns:0 carrier:0
>>>>            collisions:0 txqueuelen:1000
>>>>            RX bytes:86924 (84.8 KiB)  TX bytes:103694 (101.2
KiB)
>>>>
>>>> eth1      Link encap:Ethernet  HWaddr 06:d8:72:00:5a:34
>>>>            inet addr:10.0.90.53  Bcast:10.0.255.255 Mask:255.255.0.0
>>>>            inet6 addr: fe80::4d8:72ff:fe00:5a34/64 Scope:Link
>>>>            UP BROADCAST RUNNING MULTICAST  MTU:1500 Metric:1
>>>>            RX packets:3174 errors:0 dropped:0 overruns:0 frame:0
>>>>            TX packets:698 errors:0 dropped:0 overruns:0 carrier:0
>>>>            collisions:0 txqueuelen:1000
>>>>            RX bytes:223025 (217.7 KiB)  TX bytes:49040 (47.8
KiB)
>>>>
>>>> eth2      Link encap:Ethernet  HWaddr 06:59:b4:00:fe:fe
>>>>            inet addr:216.249.111.2  Bcast:216.249.111.255
>>>> Mask:255.255.255.0
>>>>            inet6 addr: fe80::459:b4ff:fe00:fefe/64 Scope:Link
>>>>            UP BROADCAST RUNNING MULTICAST  MTU:1500 Metric:1
>>>>            RX packets:9223 errors:0 dropped:10 overruns:0 frame:0
>>>>            TX packets:288 errors:0 dropped:0 overruns:0 carrier:0
>>>>            collisions:0 txqueuelen:1000
>>>>            RX bytes:614771 (600.3 KiB)  TX bytes:25160 (24.5
KiB)
>>>>
>>>> eth3      Link encap:Ethernet  HWaddr 06:96:be:00:18:d2
>>>>            inet addr:10.0.24.211  Bcast:10.0.255.255 Mask:255.255.0.0
>>>>            inet6 addr: fe80::496:beff:fe00:18d2/64 Scope:Link
>>>>            UP BROADCAST RUNNING MULTICAST  MTU:1500 Metric:1
>>>>            RX packets:3051 errors:0 dropped:0 overruns:0 frame:0
>>>>            TX packets:3 errors:0 dropped:0 overruns:0 carrier:0
>>>>            collisions:0 txqueuelen:1000
>>>>            RX bytes:215627 (210.5 KiB)  TX bytes:318 (318.0 B)
>>>>
>>>> lo        Link encap:Local Loopback
>>>>            inet addr:127.0.0.1  Mask:255.0.0.0
>>>>            inet6 addr: ::1/128 Scope:Host
>>>>            UP LOOPBACK RUNNING  MTU:16436  Metric:1
>>>>            RX packets:0 errors:0 dropped:0 overruns:0 frame:0
>>>>            TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
>>>>            collisions:0 txqueuelen:0
>>>>            RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
>>>>
>>>>
>>>>
>>
>> ___
>> Sent via Scrollout F1
>
> ___
> Sent via Scrollout F1

___
Sent via Scrollout F1
Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message