[jira] [Commented] (CLOUDSTACK-8795) outgoing public traffic blocked in vm created using DefaultIsolatedNetworkOfferingWithSourceNatService

Wilder Rodrigues (JIRA) Fri, 11 Sep 2015 07:29:39 -0700

    [ 
https://issues.apache.org/jira/browse/CLOUDSTACK-8795?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14740899#comment-14740899
 ]


Wilder Rodrigues commented on CLOUDSTACK-8795:
----------------------------------------------

[~rajanik] - about this issue: 
https://issues.apache.org/jira/browse/CLOUDSTACK-8795

from the router VM I should be able to ping, right? I am asking because you 
mentioned the “ping google.com” as being executed on user vm, not router vm.

I fixed it and am testing now. from router VM:

root@r-4-VM:~# ping google.com
PING google.com (74.125.71.139): 48 data bytes
56 bytes from 74.125.71.139: icmp_seq=0 ttl=46 time=18.060 ms
56 bytes from 74.125.71.139: icmp_seq=1 ttl=46 time=21.680 ms
56 bytes from 74.125.71.139: icmp_seq=2 ttl=46 time=18.957 ms
56 bytes from 74.125.71.139: icmp_seq=3 ttl=46 time=31.679 ms
^C--- google.com ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max/stddev = 18.060/22.594/31.679/5.412 ms
root@r-4-VM:~#

ekho [4:16 PM]
and in the IP tables

Chain FIREWALL_EGRESS_RULES (0 references)
pkts bytes target     prot opt in     out     source               destination
   0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0

> outgoing public traffic blocked in vm created using 
> DefaultIsolatedNetworkOfferingWithSourceNatService 
> -------------------------------------------------------------------------------------------------------
>
>                 Key: CLOUDSTACK-8795
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-8795
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the 
> default.) 
>    Affects Versions: 4.6.0
>         Environment: Xenserver 6.5, advanced zone, CS 4.6.0
>            Reporter: Rajani Karuturi
>            Assignee: Wilder Rodrigues
>            Priority: Blocker
>
> in case of vm launched in vpc, outgoing public traffic worked (I was able to 
> ping google.com)
> But, in case of default isolated 
> network(DefaultIsolatedNetworkOfferingWithSourceNatService) vm, outgoing 
> public traffic was blocked even after adding egress rule.
> It only worked after running the following on isolated VR
> iptables -I FW_OUTBOUND -j FIREWALL_EGRESS_RULES
> This issue is observed while reviewing PR #765 
> https://github.com/apache/cloudstack/pull/765#issuecomment-136962555



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-8795) outgoing public traffic blocked in vm created using DefaultIsolatedNetworkOfferingWithSourceNatService

Reply via email to