Public bug reported: We are using UEC cloud controller in a server that also runs regular KVM servers with libvirt and bridge interface.
Everything is working more or less as expected, however, UEC configures iptable to use NAT for all traffic that is forwarded, even if it's not for the cloud itself. This causes that when we connect from an outside machine to any of the regular KVM machines, we are seen as coming always from the UEC cloud and KVM host. That's not a big problem, given that is easy to solve adding this rule to iptables on that machine: iptables -t nat -A POSTROUTING -d 10.82.0.0/22 -s 10.82.0.0/22 -j ACCEPT (where 10.82.0.0/22 is our local net), the problem comes on how to inject it in a way that UEC doesn't drop that rule on boot. >From Eucalyptus documentation (http://open.eucalyptus.com/wiki/EucalyptusNetworking_v1.6), we are able to put it on /var/run/eucalyptus/net/iptables-preload with the iptables- save command, however, that location is not valid for Ubuntu, because it's on a ram disk and thus, discarded with every reboot. UEC should have a way to put that file in some other persistent place or a way to inject that file on boot time, any of those solutions would be valid for us. ** Affects: eucalyptus (Ubuntu) Importance: Undecided Status: New -- Unable to use Eucalyptus' iptables-preload feature with UEC https://bugs.launchpad.net/bugs/579868 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to eucalyptus in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
