On Feb 24, 2014, at 10:35 AM, Michael Phillips <mphilli7...@hotmail.com> wrote:
> That is a very clean format..... > To be honest, I actually thought about putting together some documentation > and posting it online. there is a section on vsphere hypervisor that needs a lot of review. it's in restructured text format, almost as easy as markdown. You can fork it on github and edit in place via the github ui. if you write outside the documentation let me know, I will try to grab what you write to update the docs. -sebastien > >> Subject: Re: One last hurdle >> From: run...@gmail.com >> Date: Mon, 24 Feb 2014 03:26:41 -0500 >> To: users@cloudstack.apache.org >> >> >> On Feb 22, 2014, at 8:13 PM, Michael Phillips <mphilli7...@hotmail.com> >> wrote: >> >>> Figured it out.... >>> Apparently by default outbound traffic is blocked by egress >>> rule...implemented an egress rule and it's working…. >> >> Do you feel like writing some documentation :) >> >> We are moving to a new docs format and this: >> http://cloudstack-installation.readthedocs.org/en/latest/ >> >> needs a lot of love. >> >>> >> >>>> From: mphilli7...@hotmail.com >>>> To: users@cloudstack.apache.org >>>> Subject: One last hurdle >>>> Date: Sat, 22 Feb 2014 18:37:45 -0600 >>>> >>>> >>>> >>>> >>>> I am almost there to having a working config with advanced network on >>>> vsphere 5.1 >>>> So I am using a pretty basic advanced network zone using vlan for >>>> isolation. Details are below: >>>> Public range = x.x.233.0/24 >>>> Guest cidr = 10.1.1.0/24 >>>> VLAN range = 400-405 >>>> >>>> 1. I create an instance of the default centos5.3 template, choosing to >>>> create a isolated network based on >>>> "DefaultIsolatedNetworkOfferingWithSourceNatService" >>>> 2. The system spawns a system router. >>>> 3. The system spawns the guest vm. >>>> 4. The router is made a part of the public vlan 233 and the isolated vlan >>>> 400 >>>> 5. The guest vm is made a part of the isolated vlan 400. >>>> 6. The router is assigned an IP address on the isolated network of >>>> 10.1.1.1. The router is able to get out to the internet fine, and is able >>>> to ping the guest instance. >>>> 7. The guest is assigned an ip address on the isolated network. The guest >>>> vm is able to ping the router >>>> Network Topology would look as follows: >>>> guestvm ---> system router ---> firewall ---> router ---> internet >>>> Up to this point everything LOOKS perfect...BUT...my guest vm is not able >>>> to get out to the internet. >>>> At first I thought my problem might be with the hop after the system >>>> router which is my firewall. So what I did was to imitate what CS is >>>> doing, but with windows machines. Basically I spawned two machines, one >>>> which acted as a guest vm, the other to act as a system router. On the >>>> windows box, which I simulated the system router, I enabled routing and >>>> remote access to enable NAT. In this configuration the guest vm was able >>>> to use the simulated system router and browse the internet just fine. The >>>> test topology would look as follows: >>>> guest vm ---> simulated router running windows and NAT ---> firewall ---> >>>> router ---> internet >>>> So this leads me to believe that something is wrong with the system router >>>> and how it is NAT'ing. Up to this point I have tried the default network >>>> service "DefaultIsolatedNetworkOfferingWithSourceNatService" and created a >>>> new network offering using DNS,DHCP, and SourceNAT. >>>> I think once I get past this hurdle I will be be good to go....any help is >>>> hugely appreciated!! >>>> >>>> >>>> >>>> >>>> >>> >> >
