Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id C689A200D23 for ; Thu, 19 Oct 2017 21:32:29 +0200 (CEST) Received: by cust-asf.ponee.io (Postfix) id C4E9D1609EE; Thu, 19 Oct 2017 19:32:29 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id E38081609D7 for ; Thu, 19 Oct 2017 21:32:28 +0200 (CEST) Received: (qmail 59081 invoked by uid 500); 19 Oct 2017 19:32:27 -0000 Mailing-List: contact users-help@cloudstack.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: users@cloudstack.apache.org Delivered-To: mailing list users@cloudstack.apache.org Received: (qmail 59069 invoked by uid 99); 19 Oct 2017 19:32:27 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd3-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 19 Oct 2017 19:32:27 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd3-us-west.apache.org (ASF Mail Server at spamd3-us-west.apache.org) with ESMTP id 71A0D1807F7 for ; Thu, 19 Oct 2017 19:32:26 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd3-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: -0.801 X-Spam-Level: X-Spam-Status: No, score=-0.801 tagged_above=-999 required=6.31 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=2, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-2.8, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=disabled Authentication-Results: spamd3-us-west.apache.org (amavisd-new); dkim=pass (1024-bit key) header.d=pern.onmicrosoft.com Received: from mx1-lw-us.apache.org ([10.40.0.8]) by localhost (spamd3-us-west.apache.org [10.40.0.10]) (amavisd-new, port 10024) with ESMTP id x6N1lulLMeFQ for ; Thu, 19 Oct 2017 19:32:24 +0000 (UTC) Received: from EUR03-VE1-obe.outbound.protection.outlook.com (mail-eopbgr50063.outbound.protection.outlook.com [40.107.5.63]) by mx1-lw-us.apache.org (ASF Mail Server at mx1-lw-us.apache.org) with ESMTPS id F33C55FD41 for ; Thu, 19 Oct 2017 19:32:23 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pern.onmicrosoft.com; s=selector1-lums-edu-pk; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=sb62/7j4ZyMn4I1/S1EWG0m7JBfDtyJLTAdJXYK1Qbk=; b=Z2qku2QLipG7qexY/VDh/Q3mHmPaNz4INrd5V3Rz3ujW4ikUJphEgd85SXOZ9n8cA5YpgU+j+XXPw0w+JSq7eqXCgH2iTZOIYH6SMdR5KCbkgag/+l4tTwPk9K1L26wA+c4RrmkpD5zi3EFkhkcvKzAdrcftsJROZETPs6m40O4= Received: from AM0PR0702MB3745.eurprd07.prod.outlook.com (52.133.51.26) by AM0PR0702MB3747.eurprd07.prod.outlook.com (52.133.51.28) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.156.4; Thu, 19 Oct 2017 19:32:15 +0000 Received: from AM0PR0702MB3745.eurprd07.prod.outlook.com ([fe80::18f0:a365:7e7c:ca56]) by AM0PR0702MB3745.eurprd07.prod.outlook.com ([fe80::18f0:a365:7e7c:ca56%13]) with mapi id 15.20.0156.004; Thu, 19 Oct 2017 19:32:15 +0000 From: Muhammad Adeel Zahid <16030053@lums.edu.pk> To: "users@cloudstack.apache.org" Subject: Re: Iptables of Host machine blocks http traffic to Guest VM's Thread-Topic: Iptables of Host machine blocks http traffic to Guest VM's Thread-Index: AQHTSQ0fAeds4f5Hd0Gul7zqAnkeMaLri4eRgAAA1YCAAALtZQ== Date: Thu, 19 Oct 2017 19:32:15 +0000 Message-ID: References: , In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [209.150.146.188] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1;AM0PR0702MB3747;6:u1LoagCImfGuHA9kZK8VhfG8cqzua4QG/lvyy38kglEHmj/+q3Inny+2LucX82QtAsu/3vMtnPMCnIuUyPF2ucguv4ggBo5gvyw1PuaU7QUFa/6KsVFc/k/32zweBjliokZWQDxsM2iFHrN2hetKyaghDY0XaK32QMJwqLVPmnwoWRLlFrrGXny4lyY5KLI+0UvzKOszkWjrwNkkpIybhu5TT9RanvKDLZNu1qrpccECmoz0TxP9e0byNnVhZRitOpSJt63n3ljk7aY5/TvVCIhXTPkY1+brg/vqIsLzbWjeLjNuVCWrOv8ky5HRZmeK8IRDnfbkxzchr0JZrwv00g==;5:vTScaYM69hqjkOTXvhAPu27Pls7dgyNy7JmaG82Pa/ti30E6o0oVgLaD6X3uwYlUgzZFuPqU4dByb/HPdJYD23YOOcDTIWesAt7ekHQl5VkAJfdnnZ/Xk5zFy9IJo2IQ/BCA9/2HbV9ax7zYLfnbGg==;24:yv2/+qWXlkhMtqQ08hybzwp8L0XLcNLqPsDljI40oU2F2PlI5u6E/Ucme+g2wTPE3lcWfn3QbWXH8rzqeCASUTGMv4oPoHGZLJgpayIxwFg=;7:MP3zl8QghAmo1JyreWtCuG6H3eo8VFaOfF7sHvFBPMMkTDSrfVolAbFNJlPc8sktptFnvRgzpAcrkrdpT9hSLD+EGbUR1kQME/vtBITSuTRGA/byLP/7LqPnWvkyw9HDnrbb/n4Hjb3uEr6V+p21olzJPjoPjMAcCIXnlHZU+Q8blyecpzRZpixI4QlJMTQeqbIen/AiVG+jtFHu2uS8wgK+M4iVMXile1eH6zNOSUY= x-ms-exchange-antispam-srfa-diagnostics: SSOS; x-ms-office365-filtering-correlation-id: 5c468b48-f7e3-4c6d-eac9-08d517281abb x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:(22001)(2017030254172)(4534020)(4602075)(4627075)(201703031133081)(201702281549075)(2017052603229)(201703131423095);SRVR:AM0PR0702MB3747; x-ms-traffictypediagnostic: AM0PR0702MB3747: x-exchange-antispam-report-test: UriScan:(158342451672863)(278428928389397)(64697473314591)(5213294742642); x-microsoft-antispam-prvs: x-exchange-antispam-report-cfa-test: BCL:0;PCL:0;RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(2401047)(5005006)(8121501046)(93006095)(93001095)(3002001)(100000703101)(100105400095)(10201501046)(6041248)(20161123562025)(20161123564025)(20161123558100)(201703131423075)(201702281529075)(201702281528075)(201703061421075)(201703061406153)(20161123560025)(20161123555025)(6072148)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095);SRVR:AM0PR0702MB3747;BCL:0;PCL:0;RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095);SRVR:AM0PR0702MB3747; x-forefront-prvs: 0465429B7F x-forefront-antispam-report: SFV:NSPM;SFS:(10009020)(376002)(346002)(24454002)(199003)(189002)(1730700003)(66066001)(105586002)(106356001)(8936002)(81166006)(7736002)(5660300001)(81156014)(54356999)(74316002)(101416001)(50986999)(966005)(76176999)(6116002)(42882006)(2906002)(3846002)(102836003)(88552002)(25786009)(2950100002)(6916009)(3280700002)(3660700001)(316002)(7696004)(2351001)(8676002)(478600001)(74482002)(229853002)(33656002)(786003)(189998001)(6506006)(5250100002)(6436002)(53936002)(5640700003)(2501003)(606006)(68736007)(9686003)(99286003)(14454004)(54896002)(236005)(2900100001)(86362001)(55016002)(53546010)(6246003)(97736004)(6306002)(81782002)(81742002);DIR:OUT;SFP:1101;SCL:1;SRVR:AM0PR0702MB3747;H:AM0PR0702MB3745.eurprd07.prod.outlook.com;FPR:;SPF:None;PTR:InfoNoRecords;A:1;MX:1;LANG:en; received-spf: None (protection.outlook.com: lums.edu.pk does not designate permitted sender hosts) authentication-results: spf=none (sender IP is ) smtp.mailfrom=16030053@lums.edu.pk; spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-Type: multipart/alternative; boundary="_000_AM0PR0702MB374556FBB987EC2FE424F8AF90420AM0PR0702MB3745_" MIME-Version: 1.0 X-OriginatorOrg: lums.edu.pk X-MS-Exchange-CrossTenant-Network-Message-Id: 5c468b48-f7e3-4c6d-eac9-08d517281abb X-MS-Exchange-CrossTenant-originalarrivaltime: 19 Oct 2017 19:32:15.7134 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 75df096c-8b72-48e4-9b91-cbf79d87ee3a X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR0702MB3747 archived-at: Thu, 19 Oct 2017 19:32:30 -0000 --_000_AM0PR0702MB374556FBB987EC2FE424F8AF90420AM0PR0702MB3745_ Content-Type: text/plain; charset="Windows-1252" Content-Transfer-Encoding: quoted-printable I am using KVM as hypervisor and for network configuration I followed the f= ollowing link http://docs.cloudstack.apache.org/projects/cloudstack-installation/en/4.6/q= ig.html Except that my ip addresses are from 10.0.0.x series. And I do not know abo= ut ingress/egress rules and how to configure them. Quick Installation Guide for CentOS 6 =97 Apache CloudStack ... docs.cloudstack.apache.org High level overview of the process=B6 This runbook will focus on building a= CloudStack cloud using KVM on CentOS 6.5 with NFS storage on a flat layer-= 2 network ... ________________________________ From: Rafael Weing=E4rtner Sent: Friday, October 20, 2017 12:19:49 AM To: users@cloudstack.apache.org Subject: Re: Iptables of Host machine blocks http traffic to Guest VM's What type of deployment are you using? Did you try configuring the ingress/egress rules for the network of the VM you are creating? On Thu, Oct 19, 2017 at 5:17 PM, Muhammad Adeel Zahid <16030053@lums.edu.pk= > wrote: > One more finding. Even restarting the iptables service does the trick. Wh= y > is that? What can I do to avoid having to restart the iptables service? > > > > Regards > > Adeel > > ________________________________ > From: Muhammad Adeel Zahid <16030053@lums.edu.pk> > Sent: Friday, October 20, 2017 12:08:43 AM > To: users@cloudstack.apache.org > Subject: Iptables of Host machine blocks http traffic to Guest VM's > > Hello, > > > Finally, I have created a template from centos 6.8 ISO with jdk 1.8 > installed and a web application hosted. I can now create VM's from this > templates and they work fine except one problem. The web applications in > guest VMs created from template are only accessible from the host running > the VMs. If I access them (web applications) from some other system on th= e > same LAN they are not accessible until I turn off the iptables service on > host machine. Is there an ip table rule that I can add to work around thi= s > problem not only for the existing VMs but for the VMs I will be creating = on > this host in the future? > > > Regards > > Adeel > > -- Rafael Weing=E4rtner --_000_AM0PR0702MB374556FBB987EC2FE424F8AF90420AM0PR0702MB3745_--