Hi there,

to further help yourself, make sure you have VM1 on host1, VM2 on host2, both VMs in the same network - and try to ping VM2 from VM1 and the other way around - if that fails - then, as you suggested, you do have a switch configuration issue which doesn't allow traffic to pass from host1 to host2. You need to configure switch ports in TRUNK mode with all VLANs that you added as the VLAN range in ACS to be used by GUEST traffic.

Of course, based on your setup, make sure you don't break other traffic (management/storage/public) when you touch your switch ports.

Best,

On Wed, 28 Apr 2021 at 12:53, Brian Fitzpatrick <b.fitzpatr...@chester.ac.uk> wrote:

> Hi all,
>
> I am new to this list and new to cloudstack, so apologies if this is an
> obvious problem
>
> I am trying to learn CloudStack and have set up a simple advanced
> networking zone, 1 pod, 1 cluster, 2 hosts connected via the same
> layer2 cisco switch, 1 nic in each host (Ubuntu, KVM)
>
> If I set up a guest isolated lan and add a vm (setting up egress,
> firewall, port forwarding), the vm can get out onto the public/internet
> via the virtual router that gets automatically set up for my guest
> network.
>
> However if I move the vm to another host, its internet stops working.
>
> If I then move the virtual router to the same host it starts again.
>
> So I guess it's something to do with isolated vlan tagging between
> hosts via the switch?
>
> I am not sure whether it's the switch, whether I am trying to do this
> via one nic or settings I have missed in cloudstack.
>
> my netplan host file(s) contain the same type of config; one on ip .25
> one on ip .23 same subnet
>
> ethernets:
>   ens4f0np0:
>     dhcp4: false
>     dhcp6: false
>     mtu: 1550
>
> bridges:
>   cloudbr0:
>     interfaces: [ens4f0np0]
>     addresses:
>       - 10.250.0.25/22
>     gateway4: 10.250.0.1
>     nameservers:
>       addresses:
>         - 10.58.2.140
>         - 10.58.2.141
>
>     mtu: 1500
>     parameters:
>       stp: true
>       forward-delay: 4
>     dhcp4: no
>     dhcp6: no
>
> The isolated guest network has vlan id allocated of 603
>
> When I move a vm from one host to another, a vlan interface appears to
> be created on the new kvm host
>
> cloudbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1550 qdisc noqueue state UP group default qlen 1000
>     link/ether bc:97:e1:be:72:10 brd ff:ff:ff:ff:ff:ff
>     inet 10.250.0.25/22 brd 10.250.3.255 scope global cloudbr0
>        valid_lft forever preferred_lft forever
>     inet6 fe80::be97:e1ff:febe:7210/64 scope link
>        valid_lft forever preferred_lft forever
>
> cloud0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
>     link/ether fe:00:a9:fe:32:cc brd ff:ff:ff:ff:ff:ff
>     inet 169.254.0.1/16 scope global cloud0
>        valid_lft forever preferred_lft forever
>     inet6 fe80::40c4:4eff:fe5e:dcc0/64 scope link
>        valid_lft forever preferred_lft forever
>
> ens4f0np0.603@ens4f0np0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1550 qdisc noqueue master brens4f0np0-603 state UP group default qlen 1000
>     link/ether bc:97:e1:be:72:10 brd ff:ff:ff:ff:ff:ff
>     inet6 fe80::be97:e1ff:febe:7210/64 scope link
>        valid_lft forever preferred_lft forever
>
> brens4f0np0-603: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1550 qdisc noqueue state UP group default qlen 1000
>     link/ether bc:97:e1:be:72:10 brd ff:ff:ff:ff:ff:ff
>     inet6 fe80::e0d0:90ff:fe6a:71a7/64 scope link
>        valid_lft forever preferred_lft forever
>
> As I say the public/internet stops working
>
> Not sure whether it's a switch port config, Linux nic config, or
> something in Cloudstack
>
> Very grateful for any pointers as to where to start looking to resolve
> this issue
>
> Thanks
>
> Brian
>
> Brian Fitzpatrick
>

--
Andrija Panić