Well :) that is a good question - desired by who :)
ACLs are applied on routed traffic (i.e. traffic between networks), so
here it's simply not applicable - you connect to LOCAL port/service on VR
(imagine port 22 as in my example, but otherwise default rules are all
DENY, so you can't access ha
Hi Andrija
Wow - thanks for the in-depth analysis! I already suspected HAProxy services
not hitting the iptables chain.
Thanks for the clarification, I see that the behaviour is EXPECTED, is it also
DESIRED?
Regards,
Samuel
Hi S,
so I have reproduced the same behavior on ACS 4.8.x and from what I can see
this is EXPECTED for the following reason:
root@r-4997-VM:~# iptables-save | grep "\-j ACL"
-A PREROUTING -s 10.10.10.0/24 ! -d 10.10.10.1/32 -i eth2 -m state
--state NEW -j ACL_OUTBOUND_eth2
-A FORWARD -d 10.10.
Hi List
We face an issue with VPC and ACLs together with Loadbalancing (on
vRouter). The ACL rules do not seem to work at all. Steps to reproduce:
- Create a VPC
- Create Tier with Public LB Services on vRouter
- Apply default_deny ACL
- Create Instance
- Create Public LB-Rule on Public IP and poi