cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nux! <...@li.nux.ro>
Subject Re: Guest VMs cannot access Internet
Date Sat, 06 Feb 2016 23:37:43 GMT
That's not you check it, CentOS 7 now comes with firewalld and the iptables-services are not
installed by defaut.
"iptables-save" will output the current state of the firewall

--
Sent from the Delta quadrant using Borg technology!

Nux!
www.nux.ro

----- Original Message -----
> From: "Sean Lair" <slair@ippathways.com>
> To: users@cloudstack.apache.org
> Sent: Saturday, 6 February, 2016 22:56:23
> Subject: RE: Guest VMs cannot access Internet

> Thanks for the response!  the iptables service is currently stopped:
> 
> # systemctl stop iptables
> Failed to stop iptables.service: Unit iptables.service not loaded.
> 
> -----Original Message-----
> From: Nux! [mailto:nux@li.nux.ro]
> Sent: Saturday, February 6, 2016 4:13 PM
> To: users@cloudstack.apache.org
> Subject: Re: Guest VMs cannot access Internet
> 
> Hi Sean,
> 
> Have you double checked iptables rules are correct (or disabled) on the
> underlying KVM hypervisor?
> 
> Lucian
> 
> --
> Sent from the Delta quadrant using Borg technology!
> 
> Nux!
> www.nux.ro
> 
> ----- Original Message -----
>> From: "Sean Lair" <slair@ippathways.com>
>> To: users@cloudstack.apache.org
>> Sent: Saturday, 6 February, 2016 21:47:19
>> Subject: Guest VMs cannot access Internet
> 
>> Hi all,
>> 
>> I'm having an issue I'm hoping you can assist with.  Brand new
>> Cloudstack 4.8 deployment running on CentOS7 and KVM hypervisors.
>> Using advanced networking with VLAN isolation.
>> 
>> Deploying new VMs using the default CentOS5.5 instance works great.
>> The virtual router is deployed as expected to perform source NAT.  If
>> I log into the virtual router, it can ping the Internet and the guest
>> VMs.  The guest VMs can ping each other as they are on the same
>> subnet.  The virtual router has an Internet public IP it is using for Source
>> NAT.
>> 
>> The guest VMs however cannot access the Internet.  Under the public IP
>> address [Source NAT] -> Firewall, I'm allowing 0.0.0.0/0 ICMP with
>> "-1" for ICMP Type and code.  For the Egress rules for the guest
>> network, I have 0.0.0.0/0 All protocols and All ports.  I can ping the
>> outside of the virtual router (public
>> IP) from the Internet.
>> 
>> From my troubleshooting above I'm guessing it is something to do with
>> the virtual router, but am not sure how to troubleshoot next.
>> 
>> Thanks in advance for any assistance.
>> 
>> Thanks
> > Sean

Mime
View raw message