Hi, Noel. Are you sure the traffic is not being sent out of the public interface of the virtual router? Can you log on and verify with tcpdump? If it really is not being sent out, try a stop/start of the virtual router, and if that doesn't help, a destroy/recreate. From the described symptoms it seems like something is "messed up" in the virtual router, and in such cases letting CloudStack reconfigure or recreate it is usually the easiest solution.
Best regards, Kirk On 09/13/2013 08:00 AM, Noel Kendall wrote: > Had a successful 4.0.1 implementation. > However, since upgrade to 4.1 > Guest system, on VLAN isolated advanced network, has a public IP... > Have set egress on the network to let everything out. > Forwarding SSH, WWW, HTTPS to guest, this works just fine. > Guest is able to resolve DNS ... masq on the VR appears to operate fine. > Traffic from guest directed to internet makes it to the VR just fine. > Traffic from the VR to the internet makes it out and back just fine. > IPTables shows an SNAT rule, which SNATs everything to the public IP. > Routing table shows correct default gateway. > Routing table shows public ip subnet routed out ethx interfaces just fine. > Problem is... no outbound internet traffic is being routed by the VR from > theinternal eth0 interface to the external ethx interface. It's as though the > packetsare being dropped, not routed by the kernel. > I am so close to having environment working, but am stumped at this point. > From what I can see,the VR looks right, guest looks right, CS network > interface (FW rules, Forward rules) look right. > Any hints? > Regards, N >
