You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cloudstack.apache.org by Rana Faisal Munir <ra...@yahoo.com> on 2013/04/09 09:44:59 UTC
Disable Router Firewall
Hi,
I have setup cloudstack for testing purposes. I want to establish MySQL Failover cluster on cloudstack. But for that there is some IP configurations, that cloudstack does not allowed. It consider it as IP spoofing. Please let me know how to disable the firewall, is there any way???
Regards
Rana Faisal Munir
Mobile: +92 333 6617324
Blog: ranafaisal.wordpress.com
Re: Disable Router Firewall
Posted by Rana Faisal Munir <ra...@yahoo.com>.
Thanks, this solved my problem :)
Regards
Rana Faisal Munir
Mobile: +92 333 6617324
Blog: ranafaisal.wordpress.com
________________________________
From: Ahmad Emneina <ae...@gmail.com>
To: Cloudstack users mailing list <us...@cloudstack.apache.org>; Rana Faisal Munir <ra...@yahoo.com>
Sent: Wednesday, April 10, 2013 10:03 AM
Subject: Re: Disable Router Firewall
I assume this is for guests within cloudstack, and this is a security
enabled zone... what you'll need to do is flush iptables and ebtables
rules... see if that helps.
iptables -F and ebtables -F
On Tue, Apr 9, 2013 at 12:44 AM, Rana Faisal Munir
<ra...@yahoo.com>wrote:
> Hi,
>
> I have setup cloudstack for testing purposes. I want to establish MySQL
> Failover cluster on cloudstack. But for that there is some IP
> configurations, that cloudstack does not allowed. It consider it as IP
> spoofing. Please let me know how to disable the firewall, is there any
> way???
>
>
>
>
> Regards
> Rana Faisal Munir
> Mobile: +92 333 6617324
> Blog: ranafaisal.wordpress.com
Re: Disable Router Firewall
Posted by Ahmad Emneina <ae...@gmail.com>.
I assume this is for guests within cloudstack, and this is a security
enabled zone... what you'll need to do is flush iptables and ebtables
rules... see if that helps.
iptables -F and ebtables -F
On Tue, Apr 9, 2013 at 12:44 AM, Rana Faisal Munir
<ra...@yahoo.com>wrote:
> Hi,
>
> I have setup cloudstack for testing purposes. I want to establish MySQL
> Failover cluster on cloudstack. But for that there is some IP
> configurations, that cloudstack does not allowed. It consider it as IP
> spoofing. Please let me know how to disable the firewall, is there any
> way???
>
>
>
>
> Regards
> Rana Faisal Munir
> Mobile: +92 333 6617324
> Blog: ranafaisal.wordpress.com
Re: Disable Router Firewall
Posted by Rana Faisal Munir <ra...@yahoo.com>.
Thanks
Regards
Rana Faisal Munir
Mobile: +92 333 6617324
Blog: ranafaisal.wordpress.com
________________________________
From: Shanker Balan <sh...@shapeblue.com>
To: "users@cloudstack.apache.org" <us...@cloudstack.apache.org>
Sent: Wednesday, April 10, 2013 9:26 AM
Subject: Re: Disable Router Firewall
On 09-Apr-2013, at 1:14 PM, Rana Faisal Munir <ra...@yahoo.com> wrote:
Hi,
>
>I have setup cloudstack for testing purposes. I want to establish MySQL Failover cluster on cloudstack. But for that there is some IP configurations, that cloudstack does not allowed. It consider it as IP spoofing. Please let me know how to disable the firewall,
is there any way???
>
Hi Rana,
I guess you are trying to do is to use a "floating" IP between the active and passive MySQL nodes? Have a look at https://cwiki.apache.org/CLOUDSTACK/multiple-ip-address-per-nic.html feature document.
One of the cases for Multiple IP address per NIC is to move private IP addresses between interfaces or instances which is what you need.
However, it looks like this feature is planned for CloudStack 4.2 per the design docs.
Regards.
--
Shanker Balan
Managing Consultant
M: +91 98860 60539
shanker.balan@shapeblue.com | www.shapeblue.com | Twitter:@shapeblue
ShapeBlue India, 22nd floor, Unit 2201, World Trade Centre, Bangalore - 560 055
This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or
related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd
is a company incorporated in England & Wales. ShapeBlue Services India LLP is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark.
RE: Disable Router Firewall
Posted by Jayapal Reddy Uradi <ja...@citrix.com>.
Hi,
In basic zone security group rules block user configured ip to nic.
If you are not using multiple ip address per nic, you need hack the security group rules in the host.
Note: On restart of VM/host cloudstack reconfigures the rules.
You need to modify iptables, ebtables (kvm) and arptables (xenserver) rules in the host.
These rules allows vm traffic by comparing mac and ip.
You can also refer CLOUDSTACK-24 bug.
Thanks,
Jayapal
From: Shanker Balan [mailto:shanker.balan@shapeblue.com]
Sent: Wednesday, 10 April 2013 9:56 AM
To: users@cloudstack.apache.org
Subject: Re: Disable Router Firewall
On 09-Apr-2013, at 1:14 PM, Rana Faisal Munir <ra...@yahoo.com>> wrote:
Hi,
I have setup cloudstack for testing purposes. I want to establish MySQL Failover cluster on cloudstack. But for that there is some IP configurations, that cloudstack does not allowed. It consider it as IP spoofing. Please let me know how to disable the firewall, is there any way???
Hi Rana,
I guess you are trying to do is to use a "floating" IP between the active and passive MySQL nodes? Have a look at https://cwiki.apache.org/CLOUDSTACK/multiple-ip-address-per-nic.html feature document.
One of the cases for Multiple IP address per NIC is to move private IP addresses between interfaces or instances which is what you need.
However, it looks like this feature is planned for CloudStack 4.2 per the design docs.
Regards.
--
Shanker Balan
Managing Consultant
[cid:E7CE8425-E245-4C99-B967-713DF2967392@local]
M: +91 98860 60539
shanker.balan@shapeblue.com<ma...@shapeblue.com> | www.shapeblue.com<http://www.shapeblue.com> | Twitter:@shapeblue
ShapeBlue India, 22nd floor, Unit 2201, World Trade Centre, Bangalore - 560 055
This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England & Wales. ShapeBlue Services India LLP is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark.
Re: Disable Router Firewall
Posted by Shanker Balan <sh...@shapeblue.com>.
On 09-Apr-2013, at 1:14 PM, Rana Faisal Munir <ra...@yahoo.com>> wrote:
Hi,
I have setup cloudstack for testing purposes. I want to establish MySQL Failover cluster on cloudstack. But for that there is some IP configurations, that cloudstack does not allowed. It consider it as IP spoofing. Please let me know how to disable the firewall, is there any way???
Hi Rana,
I guess you are trying to do is to use a "floating" IP between the active and passive MySQL nodes? Have a look at https://cwiki.apache.org/CLOUDSTACK/multiple-ip-address-per-nic.html feature document.
One of the cases for Multiple IP address per NIC is to move private IP addresses between interfaces or instances which is what you need.
However, it looks like this feature is planned for CloudStack 4.2 per the design docs.
Regards.
--
Shanker Balan
Managing Consultant
[cid:E7CE8425-E245-4C99-B967-713DF2967392@local]
M: +91 98860 60539
shanker.balan@shapeblue.com<ma...@shapeblue.com> | www.shapeblue.com<http://www.shapeblue.com> | Twitter:@shapeblue
ShapeBlue India, 22nd floor, Unit 2201, World Trade Centre, Bangalore - 560 055
This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England & Wales. ShapeBlue Services India LLP is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark.