When I've seen something like this happen, there is a problem with the router script parsing an input and so it returns a failure and the router is restarted.
You might need to put the agent in debug so you can see what exactly is failing when it tries to inject rules into the VR. 4.8 has a bug like this for Private Gateway configs in VPCs. It is fixed in later versions. - Si ________________________________ From: Janis Andersons | Failiem.lv <[email protected]> Sent: Friday, September 30, 2016 4:23 AM To: [email protected] Subject: Re: slow firewall Restart fails and router keeps rebooting. Also if I reboot router it keeps rebooting. Then I need to remove all firewall rules and and restart it with clean up option to get it work again. Janis Andersons http://serveri.failiem.lv serveri.failiem.lv | virtualie privatie serveri<http://serveri.failiem.lv/> serveri.failiem.lv DROSA UN BOJAJUMPIECIETIGA APARATURA. Tiek dubleti diski un serveri, ka ari datu centri, pec pieprasijuma. Failiem.lv spej nodrosinat augstu noslodzi un ... http://files.fm [https://files.fm/images/files.fm_facebook_big2.jpg]<http://files.fm/> Files.fm<http://files.fm/> files.fm Fast, Secure and Easy cloud file hosting, storage and safe sharing. FTP alternative. Free signup. Unlimited download traffic via torrents. http://failiem.lv [https://failiem.lv/images/failiem.lv_facebook.jpg]<http://failiem.lv/> Failiem.lv: atra, erta un drosa failu glabasana vai apmaina<http://failiem.lv/> failiem.lv Atrs, dross un erts serviss failu un foto glabasanai vai apmainai. FTP alternativa. Bezmaksas registracija un failu glabasana. Neierobezots atrums un ... mobile: +371 26606064 [email protected] On 29.09.2016 23:32, Simon Weller wrote: > What happens if you try and do a network restart with the cleanup option > selected? > > > ________________________________ > From: Janis Andersons | Failiem.lv <[email protected]> > Sent: Thursday, September 29, 2016 6:25 AM > To: [email protected] > Subject: Re: slow firewall > > Also If I try to restart network it ends with: Failed to restart network > management log files: > 2016-09-29 14:21:18,486 DEBUG Seq 27-2522015791327480407: Processing: > { Ans: , MgmtId: 95537004648, via: 27, Ver: v1, Flags: 10, > [{"com.cloud.agent.api.Answer":{"result":false,"details":"Timed out in > waiting SSH execution result","wait":0}}] } > 2016-09-29 14:21:18,487 DEBUG ctx-d2b04874) (logid:93af951b) Seq > 27-2522015791327480407: Received: { Ans: , MgmtId: 95537004648, via: > 27(xs4.failiem.lv), Ver: v1, Flags: 10, { Answer } } > 2016-09-29 14:21:18,487 WARN ctx-d2b04874) (logid:93af951b) Failed to > re-program the network as a part of network Ntwk[248|Guest|67] implement > due to aggregated commands execution failure! > 2016-09-29 14:21:18,490 WARN ctx-d2b04874) (logid:93af951b) Failed to > implement network Ntwk[248|Guest|67] elements and resources as a part of > network restart due to > com.cloud.exception.ResourceUnavailableException: Resource > [DataCenter:9] to apply network rules as a part of network > Ntwk[248|Guest|67] implement > > J. Andersons > > On 29.09.2016 14:08, Janis Andersons | Failiem.lv wrote: >> Also adding Load balancer rules takes about 3 minutes. >> >> >> On 29.09.2016 14:07, Janis Andersons | Failiem.lv wrote: >>> I have total 20 firewall rules and 50 port forwarding rules for 12 >>> VMs and it takes more than 60 seconds to add new rule. >>> If new IP is acquired adding new rule takes about 80 seconds even if >>> there is no rules set for new IP. >>> If I try to add multiple rules it takes much more time for first rule >>> and sometimes another rules fails. >>> >>> Have tried to change service offering for router to 2 CPUs, 1GB ram >>> but that doesn't help. >>> >>> Cloudstack 4.8, Xenserver, Shared Storage >>> Virtual Router: Firewall, Vpn, Dhcp, SourceNat, PortForwarding, Lb, >>> UserData, Dns. >>> >
