I am an idiot I now understand what you mean. In the urldomain setting, I need to literally specify "*.domain.tld" and then proceed to configure "1-2-3-4.domain.tld" DNS records. It now fully works as expected, thank you Nux.

On 12/5/22 15:56, Granwille Strauss wrote:

Thank you

For what its worth, I have two CCVMs and my URL domain for console in general settings is set as 'console.domain.tld'. And now I have two A records for this subdomain one "pointing" to each CCVM. If I remove one IP from the DNS zone, after DNS propagation I cannot access the console for any VM. When adding it again back, it seems to work.

On 12/5/22 15:17, Nux wrote:

The hostnames are unique, modeled after the following scheme:

1-2-3-4.domain.tld resolves to 1.2.3.4

As such, for any IP a CPVM (or indeed SSVM) might get allocated, then you will need to have that kind of resolution working. If you don't have too many IPs, then it might be worth defining A records as the above for all of them, as you won't necessarily know which IP a system VM will use (during the lifecycle of Cloudstack, as you create and delete them).


HTH

---
Nux
www.nux.ro <http://www.nux.ro>


On 2022-12-05 10:53, Granwille Strauss wrote:

Hi Guys

Just a quick question, when specifying your console domain in the general settings, you need to add an A record to said domains DNS zone to *point to the CCVM public IP*, for it to be accessible and for SSL to work accordingly. Now if you have more than one CCVM because you have multiple zones, should you update the DNS A record to include the additional CCVMs public IPs too? Or is having only one enough?

On 11/21/22 14:23, Granwille Strauss wrote:

Hi Nicolas

On my working zone it shows the same:

root@v-47-VM:~# telnet public_ip 5900
Trying kvm_public_ip...
Connected to 41.72.146.218.
Escape character is '^]'.
RFB 003.008

Both my kvm hosts have the same qemu/libvirt versions too. The issue seems to boil down to my routing. I tested other telnet ports such as 53 and 80 etc the all come back with no route error.

My existing zone, the one working is fully connected using public IP addresses and zero private networking subnets. I created a new zone to reconfigure my set up this time using private subnets, since its recommended that way. I created a backlink connection between my three hosts on the same private VLAN. But it turns out my private backlink connection cannot reach the public network. So I now had to configure a gateway myself and its supposed to route network from my private subnets to the internet such as a ping to 1.1.1.1.

I believe this configuration might be the reason, because as soon as I turn off the firewall "gateway" I can telnet successfully from the cpvm but then the agents disconnects because if cannot reach the public network.

On 11/21/22 14:01, Nicolas Vazquez wrote:
Hi Granwille,

I see the RFB version offered by the VNC server is 3.8, and the CPVM currently 
can handle up to 3.3. Can you compare on your working zone the output of the 
telnet to a VNC working port? Is there any difference on the qemu/libvirt 
configurations on the hosts from each zone?

Regards,
Nicolas Vazquez


From: Granwille Strauss<granwi...@namhost.com.INVALID>  
<mailto:granwi...@namhost.com.INVALID>
Date: Monday, 21 November 2022 at 08:20
To: Nux<n...@li.nux.ro>  <mailto:n...@li.nux.ro>
Cc:users@cloudstack.apache.org  <mailto:users@cloudstack.apache.org>  
<users@cloudstack.apache.org>  <mailto:users@cloudstack.apache.org>
Subject: Re: Console View Not Working

Hi

Its running on the KVM server:
root@hostname ~ $ grep -w 5900 /etc/services
rfb             5900/tcp                # Remote Framebuffer
rfb             5900/udp                # Remote Framebuffer
root@hostname ~ $

I stopped the firewall and was able to connect to the VNC service from the cpvm:
root@v-78-VM:~# telnet 192.168.50.3 5900
Trying 192.168.50.3...
Connected to 192.168.50.3.
Escape character is '^]'.
RFB 003.008

Thank you, this helps a lot. I am going to see if white listing some rules 
might work. And see if it works after testing.
On 11/21/22 13:02, Nux wrote:

Networking can get tricky, especially if you want to be too smart about it, it 
will bite back.

Anyway, VNC port 5900, is that even listening on the hypervisor, what is 
ss/netstat saying?

Try to find an existing port to test against. If that fails check/disable the 
firewall on the hypervisor or on any firewall device between management server 
and hypervisor.
---
Nux
www.nux.ro  <http://www.nux.ro><http://www.nux.ro>  <http://www.nux.ro>



On 2022-11-21 10:47, Granwille Strauss wrote:

Hi Nux

Thanks for the update. I ssh'd into the CPVM and when I run `telnet 
HV_Private_IP 5900` I get no route error. But if I do this with my working 
existing zone it works fine.  So it seems my systemvms cannot reach the VNC 
server but when I ping from cpvm to kvm private ip I get a successful response, 
this makes no sense.

--

Regards / Groete
[https://www.adsigner.com/v1/s/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/logo/621b3fa39fb210001f975298/cd2904ba-304d-4a49-bf33-cbe9ac76d929_248x-.png
  
<https://www.adsigner.com/v1/s/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/logo/621b3fa39fb210001f975298/cd2904ba-304d-4a49-bf33-cbe9ac76d929_248x-.png>]<https://www.namhost.com/>
  <https://www.namhost.com/>
Granwille Strauss  //  Senior Systems Admin

e:granwi...@namhost.com  <mailto:granwi...@namhost.com><mailto:granwi...@namhost.com> 
 <mailto:granwi...@namhost.com>
m: +264 81 323 1260<tel:+264813231260>  <tel:+264813231260>
w:www.namhost.com  <http://www.namhost.com><https://www.namhost.com/>  
<https://www.namhost.com/>

[https://www.adsigner.com/v1/s/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/social_icon_01/621b3fa39fb210001f975298/9151954b-b298-41aa-89c8-1d68af075373_48x48.png  
<https://www.adsigner.com/v1/s/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/social_icon_01/621b3fa39fb210001f975298/9151954b-b298-41aa-89c8-1d68af075373_48x48.png>]<https://www.facebook.com/namhost>
  
<https://www.facebook.com/namhost>[https://www.adsigner.com/v1/s/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/social_icon_02/621b3fa39fb210001f975298/85a9dc7c-7bd1-4958-85a9-e6a25baeb028_48x48.png
  
<https://www.adsigner.com/v1/s/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/social_icon_02/621b3fa39fb210001f975298/85a9dc7c-7bd1-4958-85a9-e6a25baeb028_48x48.png>]<https://twitter.com/namhost>
  
<https://twitter.com/namhost>[https://www.adsigner.com/v1/s/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/social_icon_03/621b3fa39fb210001f975298/c1c5386c-914c-43cf-9d37-5b4aa8e317ab_48x48.png
  
<https://www.adsigner.com/v1/s/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/social_icon_03/621b3fa39fb210001f975298/c1c5386c-914c-43cf-9d37-5b4aa8e317ab_48x48.png>]<https://www.instagram.com/namhostinternetservices/>
  
<https://www.instagram.com/namhostinternetservices/>[https://www.adsigner.com/v1/s/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/social_icon_04/621b3fa39fb210001f975298/3aaa7968-130e-48ec-821d-559a332cce47_48x48.png
  
<https://www.adsigner.com/v1/s/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/social_icon_04/621b3fa39fb210001f975298/3aaa7968-130e-48ec-821d-559a332cce47_48x48.png>]<https://www.linkedin.com/company/namhos>
  
<https://www.linkedin.com/company/namhos>[https://www.adsigner.com/v1/s/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/social_icon_05/621b3fa39fb210001f975298/3a8c09e6-588f-43a8-acfd-be4423fd3fb6_48x48.png
  
<https://www.adsigner.com/v1/s/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/social_icon_05/621b3fa39fb210001f975298/3a8c09e6-588f-43a8-acfd-be4423fd3fb6_48x48.png>]<https://www.youtube.com/channel/UCTd5v-kVPaic_dguGur15AA>
  <https://www.youtube.com/channel/UCTd5v-kVPaic_dguGur15AA>

[https://www.adsigner.com/v1/i/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/banner/940x300  
<https://www.adsigner.com/v1/i/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/banner/940x300>]<https://www.adsigner.com/v1/l/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/banner>
  <https://www.adsigner.com/v1/l/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/banner>
Namhost Internet Services (Pty) Ltd,

24 Black Eagle Rd, Hermanus, 7210, RSA

The content of this message is confidential. If you have received it by mistake, 
please inform us by email reply and then delete the message. It is forbidden to copy, 
forward, or in any way reveal the contents of this message to anyone without our 
explicit consent. The integrity and security of this email cannot be guaranteed over 
the Internet. Therefore, the sender will not be held liable for any damage caused by 
the message. For our full privacy policy and disclaimers, please go 
tohttps://www.namhost.com/privacy-policy  
<https://www.namhost.com/privacy-policy>

<https://www.adsigner.com/v1/c/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818>  
<https://www.adsigner.com/v1/c/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818>


--
Regards / Groete

<https://www.namhost.com>         Granwille Strauss  // Senior Systems Admin

*e:* granwi...@namhost.com <mailto:granwi...@namhost.com>
*m:* +264 81 323 1260 <tel:+264813231260>
*w:* www.namhost.com <https://www.namhost.com/>

<https://www.facebook.com/namhost><https://twitter.com/namhost><https://www.instagram.com/namhostinternetservices/><https://www.linkedin.com/company/namhos><https://www.youtube.com/channel/UCTd5v-kVPaic_dguGur15AA>

<https://www.adsigner.com/v1/l/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/banner>

Namhost Internet Services (Pty) Ltd,
24 Black Eagle Rd, Hermanus, 7210, RSA


The content of this message is confidential. If you have received it by mistake, please inform us by email reply and then delete the message. It is forbidden to copy, forward, or in any way reveal the contents of this message to anyone without our explicit consent. The integrity and security of this email cannot be guaranteed over the Internet. Therefore, the sender will not be held liable for any damage caused by the message. For our full privacy policy and disclaimers, please go to https://www.namhost.com/privacy-policy <https://www.namhost.com/privacy-policy>

Powered by AdSigner <https://www.adsigner.com/v1/c/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818>
--
Regards / Groete

<https://www.namhost.com>         Granwille Strauss  // Senior Systems Admin

*e:* granwi...@namhost.com <mailto:granwi...@namhost.com>
*m:* +264 81 323 1260 <tel:+264813231260>
*w:* www.namhost.com <https://www.namhost.com/>

<https://www.facebook.com/namhost><https://twitter.com/namhost><https://www.instagram.com/namhostinternetservices/><https://www.linkedin.com/company/namhos><https://www.youtube.com/channel/UCTd5v-kVPaic_dguGur15AA>

<https://www.adsigner.com/v1/l/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/banner>

Namhost Internet Services (Pty) Ltd,
24 Black Eagle Rd, Hermanus, 7210, RSA


The content of this message is confidential. If you have received it by mistake, please inform us by email reply and then delete the message. It is forbidden to copy, forward, or in any way reveal the contents of this message to anyone without our explicit consent. The integrity and security of this email cannot be guaranteed over the Internet. Therefore, the sender will not be held liable for any damage caused by the message. For our full privacy policy and disclaimers, please go to https://www.namhost.com/privacy-policy <https://www.namhost.com/privacy-policy>

Powered by AdSigner <https://www.adsigner.com/v1/c/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818>
--
Regards / Groete

<https://www.namhost.com>         Granwille Strauss  // Senior Systems Admin

*e:* granwi...@namhost.com
*m:* +264 81 323 1260 <tel:+264813231260>
*w:* www.namhost.com <https://www.namhost.com/>

<https://www.facebook.com/namhost><https://twitter.com/namhost><https://www.instagram.com/namhostinternetservices/><https://www.linkedin.com/company/namhos><https://www.youtube.com/channel/UCTd5v-kVPaic_dguGur15AA>

<https://www.adsigner.com/v1/l/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/banner>

Namhost Internet Services (Pty) Ltd,
24 Black Eagle Rd, Hermanus, 7210, RSA


The content of this message is confidential. If you have received it by mistake, please inform us by email reply and then delete the message. It is forbidden to copy, forward, or in any way reveal the contents of this message to anyone without our explicit consent. The integrity and security of this email cannot be guaranteed over the Internet. Therefore, the sender will not be held liable for any damage caused by the message. For our full privacy policy and disclaimers, please go to https://www.namhost.com/privacy-policy

Powered by AdSigner <https://www.adsigner.com/v1/c/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818>
--
Regards / Groete

<https://www.namhost.com>         Granwille Strauss  // Senior Systems Admin

*e:* granwi...@namhost.com
*m:* +264 81 323 1260 <tel:+264813231260>
*w:* www.namhost.com <https://www.namhost.com/>

<https://www.facebook.com/namhost><https://twitter.com/namhost><https://www.instagram.com/namhostinternetservices/><https://www.linkedin.com/company/namhos><https://www.youtube.com/channel/UCTd5v-kVPaic_dguGur15AA>

<https://www.adsigner.com/v1/l/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/banner>

Namhost Internet Services (Pty) Ltd,

24 Black Eagle Rd, Hermanus, 7210, RSA



The content of this message is confidential. If you have received it by mistake, please inform us by email reply and then delete the message. It is forbidden to copy, forward, or in any way reveal the contents of this message to anyone without our explicit consent. The integrity and security of this email cannot be guaranteed over the Internet. Therefore, the sender will not be held liable for any damage caused by the message. For our full privacy policy and disclaimers, please go to https://www.namhost.com/privacy-policy

Powered by AdSigner <https://www.adsigner.com/v1/c/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818>

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Reply via email to