You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@cloudstack.apache.org by Nux! <nu...@li.nux.ro> on 2014/03/25 12:45:15 UTC

Re: [4.3] Problem with SG, possible release blocker

On 24.03.2014 22:26, Nux! wrote:
> Hi,
> 
> Possibly as recent work has been done on the SG iptables bits to fix
> some serious issues, some others may have been introduced.
> Here's the default output of iptables-save in a KVM agent:
> http://paste.fedoraproject.org/88208/39569972/
> 
> The critical line is: "-A FORWARD -i ssbr0 -j DROP"
> This means SSVM can't contact SS.
> 
> Possibly also this, though I have not noticed any problems yet:
> "-A FORWARD -o mgmtbr0 -j DROP
> -A FORWARD -i mgmtbr0 -j DROP"
> 
> Can anyone confirm this bug please and make a quick amendment?

This might be a small issue, but if confirmed it should be a blocker as 
it impedes Adv+SG zone functionality.

-- 
Sent from the Delta quadrant using Borg technology!

Nux!
www.nux.ro