You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@cloudstack.apache.org by Nux! <nu...@li.nux.ro> on 2014/03/24 23:26:36 UTC
[4.3] Problem with SG (SS blocked)
Hi,
Possibly as recent work has been done on the SG iptables bits to fix
some serious issues, some others may have been introduced.
Here's the default output of iptables-save in a KVM agent:
http://paste.fedoraproject.org/88208/39569972/
The critical line is: "-A FORWARD -i ssbr0 -j DROP"
This means SSVM can't contact SS.
Possibly also this, though I have not noticed any problems yet:
"-A FORWARD -o mgmtbr0 -j DROP
-A FORWARD -i mgmtbr0 -j DROP"
Can anyone confirm this bug please and make a quick amendment?
Lucian
--
Sent from the Delta quadrant using Borg technology!
Nux!
www.nux.ro
Re: [4.3] Problem with SG, possible release blocker
Posted by Nux! <nu...@li.nux.ro>.
On 24.03.2014 22:26, Nux! wrote:
> Hi,
>
> Possibly as recent work has been done on the SG iptables bits to fix
> some serious issues, some others may have been introduced.
> Here's the default output of iptables-save in a KVM agent:
> http://paste.fedoraproject.org/88208/39569972/
>
> The critical line is: "-A FORWARD -i ssbr0 -j DROP"
> This means SSVM can't contact SS.
>
> Possibly also this, though I have not noticed any problems yet:
> "-A FORWARD -o mgmtbr0 -j DROP
> -A FORWARD -i mgmtbr0 -j DROP"
>
> Can anyone confirm this bug please and make a quick amendment?
This might be a small issue, but if confirmed it should be a blocker as
it impedes Adv+SG zone functionality.
--
Sent from the Delta quadrant using Borg technology!
Nux!
www.nux.ro