每次都是这样吗?创建linux vm和创建windows vm都一样吗? 另外有没有换hypervisior试试?
2014-04-29 11:43 GMT+08:00 谢福平 <754282...@qq.com>: > 问题描述: > 当在集群中新建一个虚拟机时,如果虚拟机分配到了主机A上,那么,主机A上原有的虚拟机会ping不通; > 然后将主机A的防火墙关闭,不通的虚拟机就能ping通了。待主机A的防火墙自动起来后,所有的虚拟机也会正常运行,不会出现ping不通的现象。 > iptables文件内容如下: > [root@pcs-kvm-3 cloud]# cat /etc/sysconfig/iptables > # Generated by iptables-save v1.4.7 on Sat Apr 12 17:52:24 2014 > *nat > :PREROUTING ACCEPT [0:0] > :POSTROUTING ACCEPT [0:0] > :OUTPUT ACCEPT [0:0] > COMMIT > # Completed on Sat Apr 12 17:52:24 2014 > # Generated by iptables-save v1.4.7 on Sat Apr 12 17:52:24 2014 > *mangle > :PREROUTING ACCEPT [0:0] > :INPUT ACCEPT [0:0] > :FORWARD ACCEPT [0:0] > :OUTPUT ACCEPT [0:0] > :POSTROUTING ACCEPT [0:0] > -A POSTROUTING -o virbr0 -p udp -m udp --dport 68 -j CHECKSUM --checksum-fill > COMMIT > # Completed on Sat Apr 12 17:52:24 2014 > # Generated by iptables-save v1.4.7 on Sat Apr 12 17:52:24 2014 > *filter > :INPUT ACCEPT [0:0] > :FORWARD ACCEPT [0:0] > :OUTPUT ACCEPT [0:0] > -A INPUT -i virbr0 -p udp -m udp --dport 53 -j ACCEPT > -A INPUT -i virbr0 -p tcp -m tcp --dport 53 -j ACCEPT > -A INPUT -p tcp -m tcp --dport 49152:49216 -j ACCEPT > -A INPUT -i virbr0 -p udp -m udp --dport 67 -j ACCEPT > -A INPUT -i virbr0 -p tcp -m tcp --dport 67 -j ACCEPT > -A INPUT -p tcp -m tcp --dport 5900:6100 -j ACCEPT > -A INPUT -p tcp -m tcp --dport 16509 -j ACCEPT > -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT > -A FORWARD -o virbr0 -j REJECT --reject-with icmp-port-unreachable > -A FORWARD -i virbr0 -j REJECT --reject-with icmp-port-unreachable > COMMIT > # Completed on Sat Apr 12 17:52:24 2014 > [root@pcs-kvm-3 cloud]# -- 白清杰 (Born Bai) 北京开源愿景信息技术有限公司 Mail: linux...@gmail.com
