Hello guys, Has anyone noticed some intermittent issues with egress rules on ACS + KVM hypervisor? I've noticed that occasionally VR would just stop allowing outbound traffic. There are rules for egress filtering, but it just wouldn't work. Inbound traffic is working just fine, but vms on the effected network are not able to connect to anything outside.
I am seeing this on ACS 4.2.1 as well as on ACS 4.4 (my mate's install). This doesn't happen on all networks. I would say about 20-30% of my VRs are having this problem. Stopping/starting VR doesn't help and restarting the network doesn't help either. I've noticed that sometimes doing a network restart with the clean up option ticked does help. Other times I would have to do the following trick to make egress work: migrate vr to a different host, restart network with cleanup enabled, stop vr and start it again. Usually when nothing else works, this one sorts it out. This problem happens with VPC VRs as well. The strange thing for me is that the problem only started to happen when I've attempted to upgrade to version 4.3.0, which didn't succeed because of the broken KVM support, which a lot of people noticed. After the failed upgrade, I've downgraded back to 4.2.1 and this is when I've noticed the egress misbehaviour. However, my friend's ACS has been doing this since the first install (I think since version 4.0). If someone else is experiencing similar problems, It would be great to share the experience and workarounds. cheers Andrei
