Re: VM's on cloudstack hosts not communicating to the internet (advanced networking mode)

2013-12-02 Thread Du Jun 
Have you configured the Igress and Outgress of firewall rules?


2013/12/3 Amin Samir 

> Hello,
> I need support in an issue that i am facing, I have installed cloudstack
> in advanced mode, my VM's on cloudstack hosts not communicating to the
> internet, from the virtual router can not ping the gateway, however from
> the gateway can ping the system vm's and they are all tagged.
> Environment is as follows:1) Management Network / Pod is 192.168.1.0/24Vlan 
> 20 and the MS server & Hyper visor ports are set to trunk all vlan,
> their native / untagged vlan is 20.2) Guests vlan ranges 200-1200 and
> subnet 10.1.1.0/243) Public network is 10.0.0.0/5 tagged vlan 50 (not
> real IP's)4) Management Server is Ubuntu 12, Cloudstack is 4.2, Xen Server
> 6.2 (open vswitch mode)
> Port forward is working fine and can access the vm's from outside
> networks, however can not access internet from vm's, logged in to the
> system virtual router and can not ping gateway.
> And verified the vlan's functionality with different physical & virtual
> environments.
> Could anyone please help?
> Thanks in advance.
> Amin Samir

RE: VM's on cloudstack hosts not communicating to the internet (advanced networking mode)

2013-12-02 Thread Amin Samir 
Thanks for your fast reply
Do I have to isn't the default outgoing traffic allowed from VM's? the only 
thing that is denied is incoming rules which i configured to allow 22 for my 
port forward rules.




> Date: Tue, 3 Dec 2013 10:33:50 +0800
> Subject: Re: VM's on cloudstack hosts not communicating to the internet 
> (advanced networking mode)
> From: dj199...@gmail.com
> To: users@cloudstack.apache.org
> 
> Have you configured the Igress and Outgress of firewall rules?
> 
> 
> 2013/12/3 Amin Samir 
> 
> > Hello,
> > I need support in an issue that i am facing, I have installed cloudstack
> > in advanced mode, my VM's on cloudstack hosts not communicating to the
> > internet, from the virtual router can not ping the gateway, however from
> > the gateway can ping the system vm's and they are all tagged.
> > Environment is as follows:1) Management Network / Pod is 192.168.1.0/24Vlan 
> > 20 and the MS server & Hyper visor ports are set to trunk all vlan,
> > their native / untagged vlan is 20.2) Guests vlan ranges 200-1200 and
> > subnet 10.1.1.0/243) Public network is 10.0.0.0/5 tagged vlan 50 (not
> > real IP's)4) Management Server is Ubuntu 12, Cloudstack is 4.2, Xen Server
> > 6.2 (open vswitch mode)
> > Port forward is working fine and can access the vm's from outside
> > networks, however can not access internet from vm's, logged in to the
> > system virtual router and can not ping gateway.
> > And verified the vlan's functionality with different physical & virtual
> > environments.
> > Could anyone please help?
> > Thanks in advance.
> > Amin Samir

Re: VM's on cloudstack hosts not communicating to the internet (advanced networking mode)

2013-12-02 Thread Du Jun 
YOU need to configure outgress rules if your VR want to access the Internet.


2013/12/3 Amin Samir 

> Thanks for your fast reply
> Do I have to isn't the default outgoing traffic allowed from VM's? the
> only thing that is denied is incoming rules which i configured to allow 22
> for my port forward rules.
>
>
>
>
> > Date: Tue, 3 Dec 2013 10:33:50 +0800
> > Subject: Re: VM's on cloudstack hosts not communicating to the internet
> (advanced networking mode)
> > From: dj199...@gmail.com
> > To: users@cloudstack.apache.org
> >
> > Have you configured the Igress and Outgress of firewall rules?
> >
> >
> > 2013/12/3 Amin Samir 
> >
> > > Hello,
> > > I need support in an issue that i am facing, I have installed
> cloudstack
> > > in advanced mode, my VM's on cloudstack hosts not communicating to the
> > > internet, from the virtual router can not ping the gateway, however
> from
> > > the gateway can ping the system vm's and they are all tagged.
> > > Environment is as follows:1) Management Network / Pod is
> 192.168.1.0/24Vlan 20 and the MS server & Hyper visor ports are set to
> trunk all vlan,
> > > their native / untagged vlan is 20.2) Guests vlan ranges 200-1200 and
> > > subnet 10.1.1.0/243) Public network is 10.0.0.0/5 tagged vlan 50 (not
> > > real IP's)4) Management Server is Ubuntu 12, Cloudstack is 4.2, Xen
> Server
> > > 6.2 (open vswitch mode)
> > > Port forward is working fine and can access the vm's from outside
> > > networks, however can not access internet from vm's, logged in to the
> > > system virtual router and can not ping gateway.
> > > And verified the vlan's functionality with different physical & virtual
> > > environments.
> > > Could anyone please help?
> > > Thanks in advance.
> > > Amin Samir
>
>

RE: VM's on cloudstack hosts not communicating to the internet (advanced networking mode)

2013-12-02 Thread Amin Samir 
I had, allowed any, and still, when logging to the router from the xen center, 
can not ping my gateway, iptables shows outgoing allow source any to 
destination any, however another vm on the same vlan and same host (hypervisor) 
can ping my gateway. 
Any other suggestions?

> Date: Tue, 3 Dec 2013 10:51:38 +0800
> Subject: Re: VM's on cloudstack hosts not communicating to the internet 
> (advanced networking mode)
> From: dj199...@gmail.com
> To: users@cloudstack.apache.org
> 
> YOU need to configure outgress rules if your VR want to access the Internet.
> 
> 
> 2013/12/3 Amin Samir 
> 
> > Thanks for your fast reply
> > Do I have to isn't the default outgoing traffic allowed from VM's? the
> > only thing that is denied is incoming rules which i configured to allow 22
> > for my port forward rules.
> >
> >
> >
> >
> > > Date: Tue, 3 Dec 2013 10:33:50 +0800
> > > Subject: Re: VM's on cloudstack hosts not communicating to the internet
> > (advanced networking mode)
> > > From: dj199...@gmail.com
> > > To: users@cloudstack.apache.org
> > >
> > > Have you configured the Igress and Outgress of firewall rules?
> > >
> > >
> > > 2013/12/3 Amin Samir 
> > >
> > > > Hello,
> > > > I need support in an issue that i am facing, I have installed
> > cloudstack
> > > > in advanced mode, my VM's on cloudstack hosts not communicating to the
> > > > internet, from the virtual router can not ping the gateway, however
> > from
> > > > the gateway can ping the system vm's and they are all tagged.
> > > > Environment is as follows:1) Management Network / Pod is
> > 192.168.1.0/24Vlan 20 and the MS server & Hyper visor ports are set to
> > trunk all vlan,
> > > > their native / untagged vlan is 20.2) Guests vlan ranges 200-1200 and
> > > > subnet 10.1.1.0/243) Public network is 10.0.0.0/5 tagged vlan 50 (not
> > > > real IP's)4) Management Server is Ubuntu 12, Cloudstack is 4.2, Xen
> > Server
> > > > 6.2 (open vswitch mode)
> > > > Port forward is working fine and can access the vm's from outside
> > > > networks, however can not access internet from vm's, logged in to the
> > > > system virtual router and can not ping gateway.
> > > > And verified the vlan's functionality with different physical & virtual
> > > > environments.
> > > > Could anyone please help?
> > > > Thanks in advance.
> > > > Amin Samir
> >
> >

Re: VM's on cloudstack hosts not communicating to the internet (advanced networking mode)

2013-12-02 Thread Du Jun 
Cloudstack 4.2 is a bit different from 4.0.I have met your problem
before.You need not only configure firewall rules but also security group
about egress.


2013/12/3 Amin Samir 

> I had, allowed any, and still, when logging to the router from the xen
> center, can not ping my gateway, iptables shows outgoing allow source any
> to destination any, however another vm on the same vlan and same host
> (hypervisor) can ping my gateway.
> Any other suggestions?
>
> > Date: Tue, 3 Dec 2013 10:51:38 +0800
> > Subject: Re: VM's on cloudstack hosts not communicating to the internet
> (advanced networking mode)
> > From: dj199...@gmail.com
> > To: users@cloudstack.apache.org
> >
> > YOU need to configure outgress rules if your VR want to access the
> Internet.
> >
> >
> > 2013/12/3 Amin Samir 
> >
> > > Thanks for your fast reply
> > > Do I have to isn't the default outgoing traffic allowed from VM's? the
> > > only thing that is denied is incoming rules which i configured to
> allow 22
> > > for my port forward rules.
> > >
> > >
> > >
> > >
> > > > Date: Tue, 3 Dec 2013 10:33:50 +0800
> > > > Subject: Re: VM's on cloudstack hosts not communicating to the
> internet
> > > (advanced networking mode)
> > > > From: dj199...@gmail.com
> > > > To: users@cloudstack.apache.org
> > > >
> > > > Have you configured the Igress and Outgress of firewall rules?
> > > >
> > > >
> > > > 2013/12/3 Amin Samir 
> > > >
> > > > > Hello,
> > > > > I need support in an issue that i am facing, I have installed
> > > cloudstack
> > > > > in advanced mode, my VM's on cloudstack hosts not communicating to
> the
> > > > > internet, from the virtual router can not ping the gateway, however
> > > from
> > > > > the gateway can ping the system vm's and they are all tagged.
> > > > > Environment is as follows:1) Management Network / Pod is
> > > 192.168.1.0/24Vlan 20 and the MS server & Hyper visor ports are set to
> > > trunk all vlan,
> > > > > their native / untagged vlan is 20.2) Guests vlan ranges 200-1200
> and
> > > > > subnet 10.1.1.0/243) Public network is 10.0.0.0/5 tagged vlan 50
> (not
> > > > > real IP's)4) Management Server is Ubuntu 12, Cloudstack is 4.2, Xen
> > > Server
> > > > > 6.2 (open vswitch mode)
> > > > > Port forward is working fine and can access the vm's from outside
> > > > > networks, however can not access internet from vm's, logged in to
> the
> > > > > system virtual router and can not ping gateway.
> > > > > And verified the vlan's functionality with different physical &
> virtual
> > > > > environments.
> > > > > Could anyone please help?
> > > > > Thanks in advance.
> > > > > Amin Samir
> > >
> > >
>
>

RE: VM's on cloudstack hosts not communicating to the internet (advanced networking mode)

2013-12-02 Thread Amin Samir 
Hi but i did not select security groups in the zone wizard, how can i do this 
now or do i have to recreate the zone? I found issue with no resolution exactly 
similar to what is 
happening.http://mail-archives.apache.org/mod_mbox/cloudstack-users/201310.mbox/%3c1382640326.52696ac6e7...@webmail.manske.org%3E

> Date: Tue, 3 Dec 2013 11:29:55 +0800
> Subject: Re: VM's on cloudstack hosts not communicating to the internet 
> (advanced networking mode)
> From: dj199...@gmail.com
> To: users@cloudstack.apache.org
> 
> Cloudstack 4.2 is a bit different from 4.0.I have met your problem
> before.You need not only configure firewall rules but also security group
> about egress.
> 
> 
> 2013/12/3 Amin Samir 
> 
> > I had, allowed any, and still, when logging to the router from the xen
> > center, can not ping my gateway, iptables shows outgoing allow source any
> > to destination any, however another vm on the same vlan and same host
> > (hypervisor) can ping my gateway.
> > Any other suggestions?
> >
> > > Date: Tue, 3 Dec 2013 10:51:38 +0800
> > > Subject: Re: VM's on cloudstack hosts not communicating to the internet
> > (advanced networking mode)
> > > From: dj199...@gmail.com
> > > To: users@cloudstack.apache.org
> > >
> > > YOU need to configure outgress rules if your VR want to access the
> > Internet.
> > >
> > >
> > > 2013/12/3 Amin Samir 
> > >
> > > > Thanks for your fast reply
> > > > Do I have to isn't the default outgoing traffic allowed from VM's? the
> > > > only thing that is denied is incoming rules which i configured to
> > allow 22
> > > > for my port forward rules.
> > > >
> > > >
> > > >
> > > >
> > > > > Date: Tue, 3 Dec 2013 10:33:50 +0800
> > > > > Subject: Re: VM's on cloudstack hosts not communicating to the
> > internet
> > > > (advanced networking mode)
> > > > > From: dj199...@gmail.com
> > > > > To: users@cloudstack.apache.org
> > > > >
> > > > > Have you configured the Igress and Outgress of firewall rules?
> > > > >
> > > > >
> > > > > 2013/12/3 Amin Samir 
> > > > >
> > > > > > Hello,
> > > > > > I need support in an issue that i am facing, I have installed
> > > > cloudstack
> > > > > > in advanced mode, my VM's on cloudstack hosts not communicating to
> > the
> > > > > > internet, from the virtual router can not ping the gateway, however
> > > > from
> > > > > > the gateway can ping the system vm's and they are all tagged.
> > > > > > Environment is as follows:1) Management Network / Pod is
> > > > 192.168.1.0/24Vlan 20 and the MS server & Hyper visor ports are set to
> > > > trunk all vlan,
> > > > > > their native / untagged vlan is 20.2) Guests vlan ranges 200-1200
> > and
> > > > > > subnet 10.1.1.0/243) Public network is 10.0.0.0/5 tagged vlan 50
> > (not
> > > > > > real IP's)4) Management Server is Ubuntu 12, Cloudstack is 4.2, Xen
> > > > Server
> > > > > > 6.2 (open vswitch mode)
> > > > > > Port forward is working fine and can access the vm's from outside
> > > > > > networks, however can not access internet from vm's, logged in to
> > the
> > > > > > system virtual router and can not ping gateway.
> > > > > > And verified the vlan's functionality with different physical &
> > virtual
> > > > > > environments.
> > > > > > Could anyone please help?
> > > > > > Thanks in advance.
> > > > > > Amin Samir
> > > >
> > > >
> >
> >

Re: VM's on cloudstack hosts not communicating to the internet (advanced networking mode)

2013-12-02 Thread Adam Kamali 
Amin;

1. It sound to me you have networking issue. Can you try to bring a VM and
place it on the same vLAN and check if you are able to ping outside and get
internet?

2. You will also need to set  0.0.0.0/0 on egress rule for that network in
order to get internet.




On Mon, Dec 2, 2013 at 10:34 PM, Amin Samir wrote:

> Hi but i did not select security groups in the zone wizard, how can i do
> this now or do i have to recreate the zone? I found issue with no
> resolution exactly similar to what is happening.
> http://mail-archives.apache.org/mod_mbox/cloudstack-users/201310.mbox/%3c1382640326.52696ac6e7...@webmail.manske.org%3E
>
> > Date: Tue, 3 Dec 2013 11:29:55 +0800
> > Subject: Re: VM's on cloudstack hosts not communicating to the internet
> (advanced networking mode)
> > From: dj199...@gmail.com
> > To: users@cloudstack.apache.org
> >
> > Cloudstack 4.2 is a bit different from 4.0.I have met your problem
> > before.You need not only configure firewall rules but also security group
> > about egress.
> >
> >
> > 2013/12/3 Amin Samir 
> >
> > > I had, allowed any, and still, when logging to the router from the xen
> > > center, can not ping my gateway, iptables shows outgoing allow source
> any
> > > to destination any, however another vm on the same vlan and same host
> > > (hypervisor) can ping my gateway.
> > > Any other suggestions?
> > >
> > > > Date: Tue, 3 Dec 2013 10:51:38 +0800
> > > > Subject: Re: VM's on cloudstack hosts not communicating to the
> internet
> > > (advanced networking mode)
> > > > From: dj199...@gmail.com
> > > > To: users@cloudstack.apache.org
> > > >
> > > > YOU need to configure outgress rules if your VR want to access the
> > > Internet.
> > > >
> > > >
> > > > 2013/12/3 Amin Samir 
> > > >
> > > > > Thanks for your fast reply
> > > > > Do I have to isn't the default outgoing traffic allowed from VM's?
> the
> > > > > only thing that is denied is incoming rules which i configured to
> > > allow 22
> > > > > for my port forward rules.
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > > Date: Tue, 3 Dec 2013 10:33:50 +0800
> > > > > > Subject: Re: VM's on cloudstack hosts not communicating to the
> > > internet
> > > > > (advanced networking mode)
> > > > > > From: dj199...@gmail.com
> > > > > > To: users@cloudstack.apache.org
> > > > > >
> > > > > > Have you configured the Igress and Outgress of firewall rules?
> > > > > >
> > > > > >
> > > > > > 2013/12/3 Amin Samir 
> > > > > >
> > > > > > > Hello,
> > > > > > > I need support in an issue that i am facing, I have installed
> > > > > cloudstack
> > > > > > > in advanced mode, my VM's on cloudstack hosts not
> communicating to
> > > the
> > > > > > > internet, from the virtual router can not ping the gateway,
> however
> > > > > from
> > > > > > > the gateway can ping the system vm's and they are all tagged.
> > > > > > > Environment is as follows:1) Management Network / Pod is
> > > > > 192.168.1.0/24Vlan 20 and the MS server & Hyper visor ports are
> set to
> > > > > trunk all vlan,
> > > > > > > their native / untagged vlan is 20.2) Guests vlan ranges
> 200-1200
> > > and
> > > > > > > subnet 10.1.1.0/243) Public network is 10.0.0.0/5 tagged vlan
> 50
> > > (not
> > > > > > > real IP's)4) Management Server is Ubuntu 12, Cloudstack is
> 4.2, Xen
> > > > > Server
> > > > > > > 6.2 (open vswitch mode)
> > > > > > > Port forward is working fine and can access the vm's from
> outside
> > > > > > > networks, however can not access internet from vm's, logged in
> to
> > > the
> > > > > > > system virtual router and can not ping gateway.
> > > > > > > And verified the vlan's functionality with different physical &
> > > virtual
> > > > > > > environments.
> > > > > > > Could anyone please help?
> > > > > > > Thanks in advance.
> > > > > > > Amin Samir
> > > > >
> > > > >
> > >
> > >
>
>

Re: VM's on cloudstack hosts not communicating to the internet (advanced networking mode)

2013-12-02 Thread Jayapal Reddy Uradi 
Hi,

>From the router the gateway should be reachable if not there is networking 
>issue in your setup.
Can you please check your VLAN related configuration.

Thanks,
Jayapal

On 03-Dec-2013, at 8:44 AM, Amin Samir  wrote:

> I had, allowed any, and still, when logging to the router from the xen 
> center, can not ping my gateway, iptables shows outgoing allow source any to 
> destination any, however another vm on the same vlan and same host 
> (hypervisor) can ping my gateway. 
> Any other suggestions?
> 
>> Date: Tue, 3 Dec 2013 10:51:38 +0800
>> Subject: Re: VM's on cloudstack hosts not communicating to the internet 
>> (advanced networking mode)
>> From: dj199...@gmail.com
>> To: users@cloudstack.apache.org
>> 
>> YOU need to configure outgress rules if your VR want to access the Internet.
>> 
>> 
>> 2013/12/3 Amin Samir 
>> 
>>> Thanks for your fast reply
>>> Do I have to isn't the default outgoing traffic allowed from VM's? the
>>> only thing that is denied is incoming rules which i configured to allow 22
>>> for my port forward rules.
>>> 
>>> 
>>> 
>>> 
>>>> Date: Tue, 3 Dec 2013 10:33:50 +0800
>>>> Subject: Re: VM's on cloudstack hosts not communicating to the internet
>>> (advanced networking mode)
>>>> From: dj199...@gmail.com
>>>> To: users@cloudstack.apache.org
>>>> 
>>>> Have you configured the Igress and Outgress of firewall rules?
>>>> 
>>>> 
>>>> 2013/12/3 Amin Samir 
>>>> 
>>>>> Hello,
>>>>> I need support in an issue that i am facing, I have installed
>>> cloudstack
>>>>> in advanced mode, my VM's on cloudstack hosts not communicating to the
>>>>> internet, from the virtual router can not ping the gateway, however
>>> from
>>>>> the gateway can ping the system vm's and they are all tagged.
>>>>> Environment is as follows:1) Management Network / Pod is
>>> 192.168.1.0/24Vlan 20 and the MS server & Hyper visor ports are set to
>>> trunk all vlan,
>>>>> their native / untagged vlan is 20.2) Guests vlan ranges 200-1200 and
>>>>> subnet 10.1.1.0/243) Public network is 10.0.0.0/5 tagged vlan 50 (not
>>>>> real IP's)4) Management Server is Ubuntu 12, Cloudstack is 4.2, Xen
>>> Server
>>>>> 6.2 (open vswitch mode)
>>>>> Port forward is working fine and can access the vm's from outside
>>>>> networks, however can not access internet from vm's, logged in to the
>>>>> system virtual router and can not ping gateway.
>>>>> And verified the vlan's functionality with different physical & virtual
>>>>> environments.
>>>>> Could anyone please help?
>>>>> Thanks in advance.
>>>>> Amin Samir
>>> 
>>> 
>

Re: VM's on cloudstack hosts not communicating to the internet (advanced networking mode)

2013-12-02 Thread Shanker Balan 
Comments inline.

On 03-Dec-2013, at 9:24 am, Adam Kamali 
mailto:adam@gmail.com>> wrote:

Amin;

1. It sound to me you have networking issue. Can you try to bring a VM and 
place it
on the same vLAN and check if you are able to ping outside and get internet?

Certainly sounds like a networking issue.

Also, one can bring up a tagged interface directly only the hypervisor to check 
if the
switch configuration is working correctly. For example, I just do this on 2 
hosts and run
pings between them to isolate the issue on KVM hosts:

# host1
vconfig add eth0 64
ifconfig eth0.64 1.2.3.4 netmask 255.255.255.0 up
ping 1.2.3.5

# host2
vconfig add eth0 64
ifconfig eth0.64 1.2.3.5 netmask 255.255.255.0 up
ping 1.2.3.4

Then run tcpdump all over the place to check who is gobbling up the packets. :)

2. You will also need to set  0.0.0.0/0 on egress rule for 
that network in order to get internet.

In a test that I just ran on a brand new isolated network:

- The VR itself is able to ping a public IP without any Egress rule being in 
place. Unless I
  am mistaken, the Egress rules do not control traffic originating from the VR 
itself but only “forwarded” traffic.

- Instance could ping a public IP only after adding an Egress rule

- The public IP of the VR was pingable only after adding an ingress rule.

YMMV.

--
@shankerbalan

M: +91 98860 60539 | O: +91 (80) 67935867
shanker.ba...@shapeblue.com | 
www.shapeblue.com | Twitter:@shapeblue
ShapeBlue Services India LLP, 22nd floor, Unit 2201A, World Trade Centre, 
Bangalore - 560 055

This email and any attachments to it may be confidential and are intended 
solely for the use of the individual to whom it is addressed. Any views or 
opinions expressed are solely those of the author and do not necessarily 
represent those of Shape Blue Ltd or related companies. If you are not the 
intended recipient of this email, you must neither take any action based upon 
its contents, nor copy or show it to anyone. Please contact the sender if you 
believe you have received this email in error. Shape Blue Ltd is a company 
incorporated in England & Wales. ShapeBlue Services India LLP is a company 
incorporated in India and is operated under license from Shape Blue Ltd. Shape 
Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is 
operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark.

Re: VM's on cloudstack hosts not communicating to the internet (advanced networking mode)

2013-12-02 Thread Jayapal Reddy Uradi 
Hi,

Router reach public gateway/internet without egress rule.

Thanks,
Jayapal

On 03-Dec-2013, at 10:35 AM, Shanker Balan 
 wrote:

> Comments inline.
> 
> On 03-Dec-2013, at 9:24 am, Adam Kamali 
> mailto:adam@gmail.com>> wrote:
> 
> Amin;
> 
> 1. It sound to me you have networking issue. Can you try to bring a VM and 
> place it
> on the same vLAN and check if you are able to ping outside and get internet?
> 
> Certainly sounds like a networking issue.
> 
> Also, one can bring up a tagged interface directly only the hypervisor to 
> check if the
> switch configuration is working correctly. For example, I just do this on 2 
> hosts and run
> pings between them to isolate the issue on KVM hosts:
> 
> # host1
> vconfig add eth0 64
> ifconfig eth0.64 1.2.3.4 netmask 255.255.255.0 up
> ping 1.2.3.5
> 
> # host2
> vconfig add eth0 64
> ifconfig eth0.64 1.2.3.5 netmask 255.255.255.0 up
> ping 1.2.3.4
> 
> Then run tcpdump all over the place to check who is gobbling up the packets. 
> :)
> 
> 2. You will also need to set  0.0.0.0/0 on egress rule for 
> that network in order to get internet.
> 
> In a test that I just ran on a brand new isolated network:
> 
> - The VR itself is able to ping a public IP without any Egress rule being in 
> place. Unless I
>  am mistaken, the Egress rules do not control traffic originating from the VR 
> itself but only “forwarded” traffic.
> 
> - Instance could ping a public IP only after adding an Egress rule
> 
> - The public IP of the VR was pingable only after adding an ingress rule.
> 
> YMMV.
> 
> --
> @shankerbalan
> 
> M: +91 98860 60539 | O: +91 (80) 67935867
> shanker.ba...@shapeblue.com | 
> www.shapeblue.com | Twitter:@shapeblue
> ShapeBlue Services India LLP, 22nd floor, Unit 2201A, World Trade Centre, 
> Bangalore - 560 055
> 
> This email and any attachments to it may be confidential and are intended 
> solely for the use of the individual to whom it is addressed. Any views or 
> opinions expressed are solely those of the author and do not necessarily 
> represent those of Shape Blue Ltd or related companies. If you are not the 
> intended recipient of this email, you must neither take any action based upon 
> its contents, nor copy or show it to anyone. Please contact the sender if you 
> believe you have received this email in error. Shape Blue Ltd is a company 
> incorporated in England & Wales. ShapeBlue Services India LLP is a company 
> incorporated in India and is operated under license from Shape Blue Ltd. 
> Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is 
> operated under license from Shape Blue Ltd. ShapeBlue is a registered 
> trademark.

Re: VM's on cloudstack hosts not communicating to the internet (advanced networking mode)

2013-12-02 Thread Shanker Balan 
On 03-Dec-2013, at 10:41 am, Jayapal Reddy Uradi 
 wrote:

> Hi,
>
> Router reach public gateway/internet without egress rule.

If only adding a egress rule would fix all networking issues. :)



--
@shankerbalan

M: +91 98860 60539 | O: +91 (80) 67935867
shanker.ba...@shapeblue.com | www.shapeblue.com | Twitter:@shapeblue
ShapeBlue Services India LLP, 22nd floor, Unit 2201A, World Trade Centre, 
Bangalore - 560 055

This email and any attachments to it may be confidential and are intended 
solely for the use of the individual to whom it is addressed. Any views or 
opinions expressed are solely those of the author and do not necessarily 
represent those of Shape Blue Ltd or related companies. If you are not the 
intended recipient of this email, you must neither take any action based upon 
its contents, nor copy or show it to anyone. Please contact the sender if you 
believe you have received this email in error. Shape Blue Ltd is a company 
incorporated in England & Wales. ShapeBlue Services India LLP is a company 
incorporated in India and is operated under license from Shape Blue Ltd. Shape 
Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is 
operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark.

RE: VM's on cloudstack hosts not communicating to the internet (advanced networking mode)

2013-12-02 Thread Amin Samir 
Hello,
I'd like to thank you all for your support, it turned out it switch port issue, 
I will reconfigure the switch port security and it should work.
Thanks
Amin. 

> From: shanker.ba...@shapeblue.com
> To: users@cloudstack.apache.org
> Subject: Re: VM's on cloudstack hosts not communicating to the internet 
> (advanced networking mode)
> Date: Tue, 3 Dec 2013 05:20:35 +
> 
> On 03-Dec-2013, at 10:41 am, Jayapal Reddy Uradi 
>  wrote:
> 
> > Hi,
> >
> > Router reach public gateway/internet without egress rule.
> 
> If only adding a egress rule would fix all networking issues. :)
> 
> 
> 
> --
> @shankerbalan
> 
> M: +91 98860 60539 | O: +91 (80) 67935867
> shanker.ba...@shapeblue.com | www.shapeblue.com | Twitter:@shapeblue
> ShapeBlue Services India LLP, 22nd floor, Unit 2201A, World Trade Centre, 
> Bangalore - 560 055
> 
> This email and any attachments to it may be confidential and are intended 
> solely for the use of the individual to whom it is addressed. Any views or 
> opinions expressed are solely those of the author and do not necessarily 
> represent those of Shape Blue Ltd or related companies. If you are not the 
> intended recipient of this email, you must neither take any action based upon 
> its contents, nor copy or show it to anyone. Please contact the sender if you 
> believe you have received this email in error. Shape Blue Ltd is a company 
> incorporated in England & Wales. ShapeBlue Services India LLP is a company 
> incorporated in India and is operated under license from Shape Blue Ltd. 
> Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is 
> operated under license from Shape Blue Ltd. ShapeBlue is a registered 
> trademark.

Re: VM's on cloudstack hosts not communicating to the internet (advanced networking mode)

2013-12-02 Thread Shanker Balan 
On 03-Dec-2013, at 11:44 am, Amin Samir  wrote:

> Hello,
> I'd like to thank you all for your support, it turned out it switch port 
> issue, I will reconfigure the switch port security and it should work.


I was inspired to make a blog post about it.

http://shankerbalan.net/blog/internet-not-working-on-cloudstack-vms/

Hth.

--
@shankerbalan

M: +91 98860 60539 | O: +91 (80) 67935867
shanker.ba...@shapeblue.com | www.shapeblue.com | Twitter:@shapeblue
ShapeBlue Services India LLP, 22nd floor, Unit 2201A, World Trade Centre, 
Bangalore - 560 055

This email and any attachments to it may be confidential and are intended 
solely for the use of the individual to whom it is addressed. Any views or 
opinions expressed are solely those of the author and do not necessarily 
represent those of Shape Blue Ltd or related companies. If you are not the 
intended recipient of this email, you must neither take any action based upon 
its contents, nor copy or show it to anyone. Please contact the sender if you 
believe you have received this email in error. Shape Blue Ltd is a company 
incorporated in England & Wales. ShapeBlue Services India LLP is a company 
incorporated in India and is operated under license from Shape Blue Ltd. Shape 
Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is 
operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark.

RE: VM's on cloudstack hosts not communicating to the internet (advanced networking mode)

2013-12-02 Thread Amin Samir 
Thanks Shanker, really appreciate all your support guys.
Amin

> From: shanker.ba...@shapeblue.com
> To: users@cloudstack.apache.org
> Subject: Re: VM's on cloudstack hosts not communicating to the internet 
> (advanced networking mode)
> Date: Tue, 3 Dec 2013 06:37:12 +
> 
> On 03-Dec-2013, at 11:44 am, Amin Samir  wrote:
> 
> > Hello,
> > I'd like to thank you all for your support, it turned out it switch port 
> > issue, I will reconfigure the switch port security and it should work.
> 
> 
> I was inspired to make a blog post about it.
> 
> http://shankerbalan.net/blog/internet-not-working-on-cloudstack-vms/
> 
> Hth.
> 
> --
> @shankerbalan
> 
> M: +91 98860 60539 | O: +91 (80) 67935867
> shanker.ba...@shapeblue.com | www.shapeblue.com | Twitter:@shapeblue
> ShapeBlue Services India LLP, 22nd floor, Unit 2201A, World Trade Centre, 
> Bangalore - 560 055
> 
> This email and any attachments to it may be confidential and are intended 
> solely for the use of the individual to whom it is addressed. Any views or 
> opinions expressed are solely those of the author and do not necessarily 
> represent those of Shape Blue Ltd or related companies. If you are not the 
> intended recipient of this email, you must neither take any action based upon 
> its contents, nor copy or show it to anyone. Please contact the sender if you 
> believe you have received this email in error. Shape Blue Ltd is a company 
> incorporated in England & Wales. ShapeBlue Services India LLP is a company 
> incorporated in India and is operated under license from Shape Blue Ltd. 
> Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is 
> operated under license from Shape Blue Ltd. ShapeBlue is a registered 
> trademark.

RE: VM's on cloudstack hosts not communicating to the internet (advanced networking mode)

2013-12-04 Thread Whyspirit 



Envoyé avec AquaMail pour Android
http://www.aqua-mail.com


Le 3 décembre 2013 04:34:04 Amin Samir  a écrit :
Hi but i did not select security groups in the zone wizard, how can i do 
this now or do i have to recreate the zone? I found issue with no 
resolution exactly similar to what is 
happening.http://mail-archives.apache.org/mod_mbox/cloudstack-users/201310.mbox/%3c1382640326.52696ac6e7...@webmail.manske.org%3E


> Date: Tue, 3 Dec 2013 11:29:55 +0800
> Subject: Re: VM's on cloudstack hosts not communicating to the internet 
(advanced networking mode)

> From: dj199...@gmail.com
> To: users@cloudstack.apache.org
> Cloudstack 4.2 is a bit different from 4.0.I have met your problem
> before.You need not only configure firewall rules but also security group
> about egress.
>
> 2013/12/3 Amin Samir 
> >

RE: VM's on cloudstack hosts not communicating to the internet (advanced networking mode)

2013-12-04 Thread Whyspirit 



Envoyé avec AquaMail pour Android
http://www.aqua-mail.com


Le 3 décembre 2013 04:34:04 Amin Samir  a écrit :
Hi but i did not select security groups in the zone wizard, how can i do 
this now or do i have to recreate the zone? I found issue with no 
resolution exactly similar to what is 
happening.http://mail-archives.apache.org/mod_mbox/cloudstack-users/201310.mbox/%3c1382640326.52696ac6e7...@webmail.manske.org%3E


> Date: Tue, 3 Dec 2013 11:29:55 +0800
> Subject: Re: VM's on cloudstack hosts not communicating to the internet 
(advanced networking mode)

> From: dj199...@gmail.com
> To: users@cloudstack.apache.org
> Cloudstack 4.2 is a bit different from 4.0.I have met your problem
> before.You need not only configure firewall rules but also security group
> about egress.
>
> 2013/12/3 Amin Samir 
> >