You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cloudstack.apache.org by Niclas Lindblom <ni...@icloud.com.INVALID> on 2020/11/19 07:45:05 UTC
Loadbalancer rule - open both TCP and UDP
Hi,
I need to add a load balancer rule for a specific port for both tcp and udp. In the drop down I can only select one or the other and I am not able to add 2 rules (one for each protocol) on the same port as I get a message that there’s a conflict with existing rule. How do I achieve opening a port for both tcp/udp into a VPC ?
Thanks
Niclas
Re: Loadbalancer rule - open both TCP and UDP
Posted by Niclas Lindblom <ni...@icloud.com.INVALID>.
Issue #4481 submitted.
I tried creating a port forwarder which does allow for 2 rules to be created with tcp / udp respectively, so it feels like the behaviour should be the same for a load balancer.
Niclas
> On 19 Nov 2020, at 21:09, Daan Hoogland <da...@gmail.com> wrote:
>
> I think it just never came up even though port 53 and others have similar
> issues. It should also be an issue for port forwarding. So whether it is a
> lack of feature or a bug is open to discussion, but the issue is there.
> please create an issue (or PR) on github and we can handle it there.
>
> On Thu, Nov 19, 2020 at 1:14 PM Niclas Lindblom
> <ni...@icloud.com.invalid> wrote:
>
>> This creates a rule with no protocol defined
>>
>> name = test
>> id = 1e6b0dc6-897f-47fc-ac9f-a9c9707a6630
>> account = admin
>> algorithm = source
>> cidrlist =
>> domain = ROOT
>> domainid = b6155e47-64e7-11e9-b6e7-f2f9c859b60a
>> fordisplay = True
>> networkid = 299aace4-a5c5-46f4-9ae7-92c86ded0cef
>> privateport = 800
>> publicip = 192.168.30.185
>> publicipid = 2c49bd09-cd6b-44d4-93a5-7082ead298e5
>> publicport = 800
>> state = Add
>> tags:
>> zoneid = bd43ff6e-ecaf-45ad-955c-9b1e28b5aeee
>> zonename = mydc
>>
>>
>> The reason I started digging into this is because I have a rule for
>> Hashicorp Consul traffic which is created using Terraform with no protocol
>> specified and appears as blank in the UI protocol column. The communication
>> isn’t working properly and I get some errors in the log and I noticed that
>> the ports required is both tcp/udp. Since the traffic seem to bye working
>> on tcp I decided to add udp manually as part of my troubleshooting and came
>> across this.
>>
>> Niclas
>>
>>> On 19 Nov 2020, at 19:52, Daan Hoogland <da...@gmail.com> wrote:
>>>
>>> can you remove the tcp rule and then try:
>>>> createLoadBalancerRule algorithm=source name=test privateport=800
>>> publicport=800 networkid=299aace4-a5c5-46f4-9ae7-92c86ded0cea
>>> publicipid=2c49bd00-cd6b-44d4-93a5-7082ead298e0
>>> without the protocol?
>>>
>>> On Thu, Nov 19, 2020 at 11:07 AM Niclas Lindblom
>>> <ni...@icloud.com.invalid> wrote:
>>>
>>>> I tested this again using cloudmonkey by first creating a rule on port
>> 800
>>>> using tcp and then repeated the command with udp
>>>>
>>>> createLoadBalancerRule algorithm=source name=test privateport=800
>>>> publicport=800 networkid=299aace4-a5c5-46f4-9ae7-92c86ded0cea
>>>> publicipid=2c49bd00-cd6b-44d4-93a5-7082ead298e0 protocol=udp
>>>>
>>>> and I get the message
>>>>
>>>> The range specified, 800-800, conflicts with rule 4214 which has 800-800
>>>>
>>>> Is this supposed to work so we are looking at a bug here ?
>>>>
>>>> Niclas
>>>>
>>>>> On 19 Nov 2020, at 17:05, Daan Hoogland <da...@gmail.com>
>> wrote:
>>>>>
>>>>> Niclas, that doesn't sound good. I am assuming you use the UI and the
>> VR
>>>> as
>>>>> loadbalancer.
>>>>> if you look at the API [1], you'll find that protocol is actually not a
>>>>> required parameter. Can you;
>>>>> 1. check with dev-tools how the call is made?
>>>>> 2. try adding it through the API directly (using cloudmonkey or
>> something
>>>>> like that)?
>>>>>
>>>>> [1]
>>>>>
>>>>
>> http://cloudstack.apache.org/api/apidocs-4.14/apis/createLoadBalancerRule.html
>>>>>
>>>>>
>>>>> On Thu, Nov 19, 2020 at 7:45 AM Niclas Lindblom
>>>>> <ni...@icloud.com.invalid> wrote:
>>>>>
>>>>>> Hi,
>>>>>>
>>>>>> I need to add a load balancer rule for a specific port for both tcp
>> and
>>>>>> udp. In the drop down I can only select one or the other and I am not
>>>> able
>>>>>> to add 2 rules (one for each protocol) on the same port as I get a
>>>> message
>>>>>> that there’s a conflict with existing rule. How do I achieve opening a
>>>> port
>>>>>> for both tcp/udp into a VPC ?
>>>>>>
>>>>>> Thanks
>>>>>>
>>>>>> Niclas
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Daan
>>>>
>>>>
>>>
>>> --
>>> Daan
>>
>>
>
> --
> Daan
Re: Loadbalancer rule - open both TCP and UDP
Posted by Daan Hoogland <da...@gmail.com>.
I think it just never came up even though port 53 and others have similar
issues. It should also be an issue for port forwarding. So whether it is a
lack of feature or a bug is open to discussion, but the issue is there.
please create an issue (or PR) on github and we can handle it there.
On Thu, Nov 19, 2020 at 1:14 PM Niclas Lindblom
<ni...@icloud.com.invalid> wrote:
> This creates a rule with no protocol defined
>
> name = test
> id = 1e6b0dc6-897f-47fc-ac9f-a9c9707a6630
> account = admin
> algorithm = source
> cidrlist =
> domain = ROOT
> domainid = b6155e47-64e7-11e9-b6e7-f2f9c859b60a
> fordisplay = True
> networkid = 299aace4-a5c5-46f4-9ae7-92c86ded0cef
> privateport = 800
> publicip = 192.168.30.185
> publicipid = 2c49bd09-cd6b-44d4-93a5-7082ead298e5
> publicport = 800
> state = Add
> tags:
> zoneid = bd43ff6e-ecaf-45ad-955c-9b1e28b5aeee
> zonename = mydc
>
>
> The reason I started digging into this is because I have a rule for
> Hashicorp Consul traffic which is created using Terraform with no protocol
> specified and appears as blank in the UI protocol column. The communication
> isn’t working properly and I get some errors in the log and I noticed that
> the ports required is both tcp/udp. Since the traffic seem to bye working
> on tcp I decided to add udp manually as part of my troubleshooting and came
> across this.
>
> Niclas
>
> > On 19 Nov 2020, at 19:52, Daan Hoogland <da...@gmail.com> wrote:
> >
> > can you remove the tcp rule and then try:
> >> createLoadBalancerRule algorithm=source name=test privateport=800
> > publicport=800 networkid=299aace4-a5c5-46f4-9ae7-92c86ded0cea
> > publicipid=2c49bd00-cd6b-44d4-93a5-7082ead298e0
> > without the protocol?
> >
> > On Thu, Nov 19, 2020 at 11:07 AM Niclas Lindblom
> > <ni...@icloud.com.invalid> wrote:
> >
> >> I tested this again using cloudmonkey by first creating a rule on port
> 800
> >> using tcp and then repeated the command with udp
> >>
> >> createLoadBalancerRule algorithm=source name=test privateport=800
> >> publicport=800 networkid=299aace4-a5c5-46f4-9ae7-92c86ded0cea
> >> publicipid=2c49bd00-cd6b-44d4-93a5-7082ead298e0 protocol=udp
> >>
> >> and I get the message
> >>
> >> The range specified, 800-800, conflicts with rule 4214 which has 800-800
> >>
> >> Is this supposed to work so we are looking at a bug here ?
> >>
> >> Niclas
> >>
> >>> On 19 Nov 2020, at 17:05, Daan Hoogland <da...@gmail.com>
> wrote:
> >>>
> >>> Niclas, that doesn't sound good. I am assuming you use the UI and the
> VR
> >> as
> >>> loadbalancer.
> >>> if you look at the API [1], you'll find that protocol is actually not a
> >>> required parameter. Can you;
> >>> 1. check with dev-tools how the call is made?
> >>> 2. try adding it through the API directly (using cloudmonkey or
> something
> >>> like that)?
> >>>
> >>> [1]
> >>>
> >>
> http://cloudstack.apache.org/api/apidocs-4.14/apis/createLoadBalancerRule.html
> >>>
> >>>
> >>> On Thu, Nov 19, 2020 at 7:45 AM Niclas Lindblom
> >>> <ni...@icloud.com.invalid> wrote:
> >>>
> >>>> Hi,
> >>>>
> >>>> I need to add a load balancer rule for a specific port for both tcp
> and
> >>>> udp. In the drop down I can only select one or the other and I am not
> >> able
> >>>> to add 2 rules (one for each protocol) on the same port as I get a
> >> message
> >>>> that there’s a conflict with existing rule. How do I achieve opening a
> >> port
> >>>> for both tcp/udp into a VPC ?
> >>>>
> >>>> Thanks
> >>>>
> >>>> Niclas
> >>>
> >>>
> >>>
> >>> --
> >>> Daan
> >>
> >>
> >
> > --
> > Daan
>
>
--
Daan
Re: Loadbalancer rule - open both TCP and UDP
Posted by Niclas Lindblom <ni...@icloud.com.INVALID>.
This creates a rule with no protocol defined
name = test
id = 1e6b0dc6-897f-47fc-ac9f-a9c9707a6630
account = admin
algorithm = source
cidrlist =
domain = ROOT
domainid = b6155e47-64e7-11e9-b6e7-f2f9c859b60a
fordisplay = True
networkid = 299aace4-a5c5-46f4-9ae7-92c86ded0cef
privateport = 800
publicip = 192.168.30.185
publicipid = 2c49bd09-cd6b-44d4-93a5-7082ead298e5
publicport = 800
state = Add
tags:
zoneid = bd43ff6e-ecaf-45ad-955c-9b1e28b5aeee
zonename = mydc
The reason I started digging into this is because I have a rule for Hashicorp Consul traffic which is created using Terraform with no protocol specified and appears as blank in the UI protocol column. The communication isn’t working properly and I get some errors in the log and I noticed that the ports required is both tcp/udp. Since the traffic seem to bye working on tcp I decided to add udp manually as part of my troubleshooting and came across this.
Niclas
> On 19 Nov 2020, at 19:52, Daan Hoogland <da...@gmail.com> wrote:
>
> can you remove the tcp rule and then try:
>> createLoadBalancerRule algorithm=source name=test privateport=800
> publicport=800 networkid=299aace4-a5c5-46f4-9ae7-92c86ded0cea
> publicipid=2c49bd00-cd6b-44d4-93a5-7082ead298e0
> without the protocol?
>
> On Thu, Nov 19, 2020 at 11:07 AM Niclas Lindblom
> <ni...@icloud.com.invalid> wrote:
>
>> I tested this again using cloudmonkey by first creating a rule on port 800
>> using tcp and then repeated the command with udp
>>
>> createLoadBalancerRule algorithm=source name=test privateport=800
>> publicport=800 networkid=299aace4-a5c5-46f4-9ae7-92c86ded0cea
>> publicipid=2c49bd00-cd6b-44d4-93a5-7082ead298e0 protocol=udp
>>
>> and I get the message
>>
>> The range specified, 800-800, conflicts with rule 4214 which has 800-800
>>
>> Is this supposed to work so we are looking at a bug here ?
>>
>> Niclas
>>
>>> On 19 Nov 2020, at 17:05, Daan Hoogland <da...@gmail.com> wrote:
>>>
>>> Niclas, that doesn't sound good. I am assuming you use the UI and the VR
>> as
>>> loadbalancer.
>>> if you look at the API [1], you'll find that protocol is actually not a
>>> required parameter. Can you;
>>> 1. check with dev-tools how the call is made?
>>> 2. try adding it through the API directly (using cloudmonkey or something
>>> like that)?
>>>
>>> [1]
>>>
>> http://cloudstack.apache.org/api/apidocs-4.14/apis/createLoadBalancerRule.html
>>>
>>>
>>> On Thu, Nov 19, 2020 at 7:45 AM Niclas Lindblom
>>> <ni...@icloud.com.invalid> wrote:
>>>
>>>> Hi,
>>>>
>>>> I need to add a load balancer rule for a specific port for both tcp and
>>>> udp. In the drop down I can only select one or the other and I am not
>> able
>>>> to add 2 rules (one for each protocol) on the same port as I get a
>> message
>>>> that there’s a conflict with existing rule. How do I achieve opening a
>> port
>>>> for both tcp/udp into a VPC ?
>>>>
>>>> Thanks
>>>>
>>>> Niclas
>>>
>>>
>>>
>>> --
>>> Daan
>>
>>
>
> --
> Daan
Re: Loadbalancer rule - open both TCP and UDP
Posted by Daan Hoogland <da...@gmail.com>.
can you remove the tcp rule and then try:
> createLoadBalancerRule algorithm=source name=test privateport=800
publicport=800 networkid=299aace4-a5c5-46f4-9ae7-92c86ded0cea
publicipid=2c49bd00-cd6b-44d4-93a5-7082ead298e0
without the protocol?
On Thu, Nov 19, 2020 at 11:07 AM Niclas Lindblom
<ni...@icloud.com.invalid> wrote:
> I tested this again using cloudmonkey by first creating a rule on port 800
> using tcp and then repeated the command with udp
>
> createLoadBalancerRule algorithm=source name=test privateport=800
> publicport=800 networkid=299aace4-a5c5-46f4-9ae7-92c86ded0cea
> publicipid=2c49bd00-cd6b-44d4-93a5-7082ead298e0 protocol=udp
>
> and I get the message
>
> The range specified, 800-800, conflicts with rule 4214 which has 800-800
>
> Is this supposed to work so we are looking at a bug here ?
>
> Niclas
>
> > On 19 Nov 2020, at 17:05, Daan Hoogland <da...@gmail.com> wrote:
> >
> > Niclas, that doesn't sound good. I am assuming you use the UI and the VR
> as
> > loadbalancer.
> > if you look at the API [1], you'll find that protocol is actually not a
> > required parameter. Can you;
> > 1. check with dev-tools how the call is made?
> > 2. try adding it through the API directly (using cloudmonkey or something
> > like that)?
> >
> > [1]
> >
> http://cloudstack.apache.org/api/apidocs-4.14/apis/createLoadBalancerRule.html
> >
> >
> > On Thu, Nov 19, 2020 at 7:45 AM Niclas Lindblom
> > <ni...@icloud.com.invalid> wrote:
> >
> >> Hi,
> >>
> >> I need to add a load balancer rule for a specific port for both tcp and
> >> udp. In the drop down I can only select one or the other and I am not
> able
> >> to add 2 rules (one for each protocol) on the same port as I get a
> message
> >> that there’s a conflict with existing rule. How do I achieve opening a
> port
> >> for both tcp/udp into a VPC ?
> >>
> >> Thanks
> >>
> >> Niclas
> >
> >
> >
> > --
> > Daan
>
>
--
Daan
Re: Loadbalancer rule - open both TCP and UDP
Posted by Niclas Lindblom <ni...@icloud.com.INVALID>.
I tested this again using cloudmonkey by first creating a rule on port 800 using tcp and then repeated the command with udp
createLoadBalancerRule algorithm=source name=test privateport=800 publicport=800 networkid=299aace4-a5c5-46f4-9ae7-92c86ded0cea publicipid=2c49bd00-cd6b-44d4-93a5-7082ead298e0 protocol=udp
and I get the message
The range specified, 800-800, conflicts with rule 4214 which has 800-800
Is this supposed to work so we are looking at a bug here ?
Niclas
> On 19 Nov 2020, at 17:05, Daan Hoogland <da...@gmail.com> wrote:
>
> Niclas, that doesn't sound good. I am assuming you use the UI and the VR as
> loadbalancer.
> if you look at the API [1], you'll find that protocol is actually not a
> required parameter. Can you;
> 1. check with dev-tools how the call is made?
> 2. try adding it through the API directly (using cloudmonkey or something
> like that)?
>
> [1]
> http://cloudstack.apache.org/api/apidocs-4.14/apis/createLoadBalancerRule.html
>
>
> On Thu, Nov 19, 2020 at 7:45 AM Niclas Lindblom
> <ni...@icloud.com.invalid> wrote:
>
>> Hi,
>>
>> I need to add a load balancer rule for a specific port for both tcp and
>> udp. In the drop down I can only select one or the other and I am not able
>> to add 2 rules (one for each protocol) on the same port as I get a message
>> that there’s a conflict with existing rule. How do I achieve opening a port
>> for both tcp/udp into a VPC ?
>>
>> Thanks
>>
>> Niclas
>
>
>
> --
> Daan
Re: Loadbalancer rule - open both TCP and UDP
Posted by Daan Hoogland <da...@gmail.com>.
Niclas, that doesn't sound good. I am assuming you use the UI and the VR as
loadbalancer.
if you look at the API [1], you'll find that protocol is actually not a
required parameter. Can you;
1. check with dev-tools how the call is made?
2. try adding it through the API directly (using cloudmonkey or something
like that)?
[1]
http://cloudstack.apache.org/api/apidocs-4.14/apis/createLoadBalancerRule.html
On Thu, Nov 19, 2020 at 7:45 AM Niclas Lindblom
<ni...@icloud.com.invalid> wrote:
> Hi,
>
> I need to add a load balancer rule for a specific port for both tcp and
> udp. In the drop down I can only select one or the other and I am not able
> to add 2 rules (one for each protocol) on the same port as I get a message
> that there’s a conflict with existing rule. How do I achieve opening a port
> for both tcp/udp into a VPC ?
>
> Thanks
>
> Niclas
--
Daan