Rohit Yadav created CLOUDSTACK-9437:
---------------------------------------
Summary: Outbound traffic fails to work after VR is upgraded to
post 4.6+ release
Key: CLOUDSTACK-9437
URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9437
Project: CloudStack
Issue Type: Bug
Security Level: Public (Anyone can view this level - this is the default.)
Affects Versions: 4.8.0, 4.7.1, 4.6.2, 4.8.1
Reporter: Rohit Yadav
Assignee: Rohit Yadav
When CloudStack is upgraded to 4.6+ version, due to changes in script. The
default iptables rules are saved at /etc/iptables/router_rules.{v4,v6} instead
of the rules.{v4,v6} files. The cloud-early-config file uses the rules.v4 and
rules file, which are copied from iptables-{router, etc.} templates.
When CloudStack was upgrade from 4.3 to 4.6+ version, and VR template upgraded
to a 4.6 template -- the rules.v4 file was copied from iptables-router template
though the configure.py uses router_rules.v4 file which does not have the
FW_EGRESS_RULES chain declared. Because of this the CsNetFilters fails to add
the chain.
Workaround that works -- after upgrading the router, restarting the network
(without cleanup selected) fixes the issue.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
