Hi Venkat, Couple of questions: 1. Are you able to reach the gateway 172.16.10.1 from your desktop? 2. Did you create firewall rules on acquired ip 172.16.10.103 to allow the ingress traffic?
You would not need to setup the virtual router as the default gateway. All the guest vms inside the isolated network you created would have the virtual router as the default gateway by default. Thanks, Sanjeev -----Original Message----- From: Venkat Srinivasan [mailto:ven...@cliqr.com] Sent: Wednesday, September 24, 2014 4:56 AM To: users@cloudstack.apache.org Subject: Static NAT routing Hello All, I have a cloudstack environment with a advanced zone setup. I have two bridge networks cloudbr0 and cloudbr1. cloudbr0 is configured on a Public network interface using VLAN and cloudbr1 uses GRE on a second interface. I am using Openvswitch on KVM . I also created a networking offering with static nat ,port forwarding etc using 'ovs' as the provider. After my zone was created sucessfully , I created an isolated network using the above network offering with a cidr of 10.0.0.0/24. All this works just fine. I launched a VM inside this network and it comes up fine and my 'ovs-vsctl show' shows the appropriate tunnels and bridges created. The VM gets an IP 10.0.0.31. Now I want to access this from public network so I acquired a public IP -172.16.10.103 and created a static nat rule with my VM. The logs also show everything went through fine My Virtual router IP is 172.16.10.102 and if I do 'ip addr' I can see that the acquired public ip is added as a secondary ip to eth2 interface. My issue is that I cant seem to route to this public IP from say my desktop. I checked my cisco firewall/dhcp server and it has not received any ARP requests for new IP/Interface for 172.16.10.103 either . But the Systemvms and the Virtual Routers have registed themselves on my firewall/dhcp server. I am curious how this works . Do I need to setup some routing in my hardware firewall to use the virtual router as the default gateway ? Currently my default gateway is 172.16.10.1 Sorry if Iam missing something basic but any suggestions and ideas will help. -- Thanks
