[
https://issues.apache.org/jira/browse/CLOUDSTACK-8395?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14507338#comment-14507338
]
ASF GitHub Bot commented on CLOUDSTACK-8395:
--------------------------------------------
Github user bhaisaab commented on the pull request:
https://github.com/apache/cloudstack/pull/186#issuecomment-95254152
@xenserverarmy @agneya2001 the latest update I did was to flush iptables
rules before setting up ipset rules, this removes ipset references so easier to
remove old iphash based ipset (when swapping). This way, the solutions works
irrespective of upgrades issues, disconnects/reconnects etc.
> Basic Zone Security Group rules fail with XenServer 6.5
> -------------------------------------------------------
>
> Key: CLOUDSTACK-8395
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-8395
> Project: CloudStack
> Issue Type: Bug
> Security Level: Public(Anyone can view this level - this is the
> default.)
> Affects Versions: 4.5.0, 4.6.0
> Reporter: Rohit Yadav
> Assignee: Rohit Yadav
> Priority: Blocker
> Fix For: 4.6.0, 4.5.1
>
>
> With latest ACS 4.5 branch, SG rules on XenServer 6.5 were found to be flaky.
> They worked sometimes and sometimes failed. On inspection of cloud.log and
> SMLog, the following errors were found:
> DEBUG [root] Ignoring failure to delete rules for vm s-2-VM
> ...
> DEBUG [root] Ignoring failure to delete ebtables chain for vm s-2-VM
>
> ...
> DEBUG [root] Ignoring failure to delete arptables chain for vm s-2-VM
> ...
> DEBUG [root] Ignoring failure to delete ingress chain s-2-VM
> DEBUG [root] Ignoring failure to delete egress chain s-2-VM-eg
> ...
> The possible issue discovered was how the python based vmops plugin execute
> iptables rules. The sm/util.py shipped with XS 6.5 is possibly different than
> that on XS 6.2.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
