[
https://issues.apache.org/jira/browse/CLOUDSTACK-535?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13503868#comment-13503868
]
Marcus Sorensen commented on CLOUDSTACK-535:
--------------------------------------------
The commit 82a7e49fad81b001410b66d151743b112d0daa65 should fix this. I added
tcp 53 to every systemvm script that had udp 53 allowed.
> Virtual Router DNS is restricted to UDP only
> --------------------------------------------
>
> Key: CLOUDSTACK-535
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-535
> Project: CloudStack
> Issue Type: Bug
> Components: Network Controller
> Affects Versions: 4.0.0
> Reporter: Tamas Monos
> Priority: Minor
>
> Issue:
> When a new router VM is generated and started the initial firewall rules
> allow only port 53 on UDP. Router VMs should allow port 53 on TCP is well due
> to longer resolutions can switch to TCP for example cPanel. The cPanel
> installer will not run if it cannot resolve over TCP.
> Workaround:
> Login to the router VM and execute:
> iptables -A INPUT -i eth0 -p tcp -m tcp --dport 53 -j ACCEPT
> Resolution:
> I'm not sure where the initial firewall rules are coming from (maybe systemVM
> ISO?) but there this new rule should be added.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
