It looks the vm is not associated to any security groups. you need to update the vm with security groups.
-Wei Technology Mail <technologyrss.m...@gmail.com> 于 2023年10月4日周三 下午5:48写道: > I skip this test using vLANID. > > Now I test as below: > > https://prnt.sc/uWF76ofrzBFC > https://prnt.sc/QCXKzF61ze5X > https://prnt.sc/Cn3jbKIel-Jk > https://prnt.sc/JOdqBQalfg0d > https://prnt.sc/88x5IAP_2ojp > https://prnt.sc/_zPRZPZ0cYRD > > > POD > 172.22.0.1 > 255.255.252.0 > 172.22.0.51 172.22.0.60 > > Guest : vlan://untagged > 172.22.0.1 > 255.255.252.0 > 172.22.0.61 172.22.0.100 > > Host > 172.22.0.11 > root > ******** > > KVM network is below > > +++++++++++++++++++++++ > > [root@kvm network-scripts]# cat ifcfg-ens9f0np0 > DEVICE=ens9f0np0 > HWADDR=bc:97:e1:1c:2b:f8 > ONBOOT=yes > BRIDGE=cloudbr0 > UUID=503ef6de-1288-4d2d-a09a-3f7d123bc35e > > > [root@kvm network-scripts]# cat ifcfg-cloudbr0 > DEVICE="cloudbr0" > TYPE=BRIDGE > UUID=f1173cad-0078-4d9b-8674-6a72e7742ffb > ONBOOT=yes > BOOTPROTO=static > IPADDR="172.22.0.11" > NETMASK="255.255.252.0" > GATEWAY="172.22.0.1" > DNS1="8.8.8.8" > DNS2="8.8.4.4" > > +++++++++++++++++++++ > > Now I get access internet from vm but not inbound ok, Like I try to ping > from my laptop to vm, its not ok. > https://prnt.sc/Gpzv4TxpwxIm > > Also I can't see SG settings for Ingress rule. > > Problem now : > > 1. vm to vm not ping > 2. Can't find SG settings > > --Alamin > > Thank you. > On 10/4/2023 7:07 PM, Wei ZHOU wrote: > > You need to set the ports on your router to trunk mode (or hybrid mode > to allow vlan 20-50). > > If you cannot configure the route, please use Shared networks (in basic > zone or advanced zone) with vlan://untagged. > > -Wei > > On Wed, 4 Oct 2023 at 14:17, Technology Mail <technologyrss.m...@gmail.com> > <technologyrss.m...@gmail.com> > wrote: > > > yes, your first think is right, > > 2nd I am using only one physical interface and all network tag is > *cloudbr0*, and I put vLANID 20-50 this is mandatory field so I input > this, just it. > > Thanks. > > On 10/4/2023 6:09 PM, Jayanth Reddy wrote: > > Hello, > > If I understand correctly, you've a network where we can consider it as a > "management network" for your hosts. I believe your expectation is to > > have > > your VMs attached onto the same management network on the bridge > > "cloudbr0" > > so that you'll get access via your gateway 172.22.0.1. > > I don't think Cloudstack has provision to attach the guest user VMs to > > the > > management bridge "cloudbr0". In your current test case, since you have > Guest VLAN IDs defined as 20 to 50, I believe your first Guest network > would be making use of your bridge for the guestnet defined in the > > physical > > network and tag the available VLAN from range 20 to 50. Do you happen to > have a different bridge for the guest networks and are you tagging the > traffic? > > Thanks, > Jayanth Reddy > > > On Wed, Oct 4, 2023 at 3:05 PM Technology Mail< > > technologyrss.m...@gmail.com> > > wrote: > > > *Hello,* > > Can I create Advanced zone using my only LAN network? > > Internet traffic come from my LAN gateway. no any public ip on host kvm. > > LAN: 172.22.0.1/22 > > kvm LAN: ens9f0np0 > Bridge : cloudbr0 > > *cat ifcfg-ens9f0np0* > DEVICE=ens9f0np0 > ONBOOT=yes > BRIDGE=cloudbr0 > UUID=503ef6de-1288-4d2d-a09a-3f7d123bc35e > > *cat ifcfg-cloudbr0* > DEVICE="cloudbr0" > TYPE=BRIDGE > UUID=f1173cad-0078-4d9b-8674-6a72e7742ffb > ONBOOT=yes > BOOTPROTO=static > IPADDR="172.22.0.11" > NETMASK="255.255.252.0" > GATEWAY="172.22.0.1" > DNS1="8.8.8.8" > DNS2="8.8.4.4" > > I am create Adv zone(without SG) with above all details but my instance > not internet ping, my virtual router, ssvm & cpvm can ping to internet. > > Guest CIDR: 172.22.0.1/22 > > Public : 172.22.0.61-172.22.0.100 (vlan://untagged) > > POD (vlan://untagged) > 172.22.0.1 > 255.255.252.0 > 172.22.0.101 172.22.0.110 > > Guest : 20-50 vLANID > > Which config needed or which my wrong? > > -- > > *Thanks & Regards.* > > *Support Admin* > > ------------------------------------------------------------------------ > > *Facebook<https://www.facebook.com/TechnologyRSS> > <https://www.facebook.com/TechnologyRSS> | > Twitter<https://twitter.com/technologyrss1> > <https://twitter.com/technologyrss1> | > YouTube<https://www.youtube.com/channel/UCBq7qGqFEUe6ObVHMuxudTw> > <https://www.youtube.com/channel/UCBq7qGqFEUe6ObVHMuxudTw> | > LinkedIn<https://www.linkedin.com/company/technologyrss/> > <https://www.linkedin.com/company/technologyrss/>* > > *Address : *116/1 West Malibagh, D. I. T Road > > Dhaka-1217, Bangladesh > > *Mob :* +88 01716915504 > > *Email :*support.ad...@technologyrss.com > > *Web :*www.technologyrss.com > > -- > > *Thanks & Regards.* > > *Support Admin* > > ------------------------------------------------------------------------ > > *Facebook <https://www.facebook.com/TechnologyRSS> > <https://www.facebook.com/TechnologyRSS> | > Twitter<https://twitter.com/technologyrss1> > <https://twitter.com/technologyrss1> | > YouTube<https://www.youtube.com/channel/UCBq7qGqFEUe6ObVHMuxudTw> > <https://www.youtube.com/channel/UCBq7qGqFEUe6ObVHMuxudTw> | > LinkedIn<https://www.linkedin.com/company/technologyrss/> > <https://www.linkedin.com/company/technologyrss/>* > > *Address : *116/1 West Malibagh, D. I. T Road > > Dhaka-1217, Bangladesh > > *Mob :* +88 01716915504 > > *Email :* support.ad...@technologyrss.com > > *Web :* www.technologyrss.com > > -- > > *Thanks & Regards.* > > *Support Admin* > ------------------------------ > > *Facebook <https://www.facebook.com/TechnologyRSS> | Twitter > <https://twitter.com/technologyrss1> | YouTube > <https://www.youtube.com/channel/UCBq7qGqFEUe6ObVHMuxudTw> | LinkedIn > <https://www.linkedin.com/company/technologyrss/>* > > *Address : *116/1 West Malibagh, D. I. T Road > > Dhaka-1217, Bangladesh > > *Mob :* +88 01716915504 > > *Email :* support.ad...@technologyrss.com > > *Web :* www.technologyrss.com >
