Hi,
I am not sure about the error but please see the below example configuration
and correct your configuration.
Example confirmation:
Public Interface: fe-0/0/4.52
Private Interface: fe-0/0/1
fe-0/0/1 - private interface
fe-0/0/4.52 - public interface where my public network vlan id is
26d2433
server/src/com/cloud/api/ApiResponseHelper.java 0c98abc
Diff: https://reviews.apache.org/r/11803/diff/
Testing
---
Tested listFirewallRules and listEgressFirewallRules API responses
Thanks,
Jayapal Reddy
Hi,
The current egress firewall rule feature by default BLOCK the all the outgoing
traffic if there are no user configured rules.
I am proposing configurable option for the egress firewall rules using the
Network offering.
In network offering for firewall service provider, user can select
)
-
server/src/com/cloud/network/NetworkServiceImpl.java d5a59d6
Diff: https://reviews.apache.org/r/11458/diff/
Testing
---
Tested on isolated and shared networks.
Thanks,
Jayapal Reddy
://reviews.apache.org/r/11458/#review21409
---
On May 28, 2013, 7:27 a.m., Jayapal Reddy wrote:
---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r
: https://reviews.apache.org/r/11803/diff/
Testing
---
Tested listFirewallRules and listEgressFirewallRules API responses
Thanks,
Jayapal Reddy
/vmware/resource/VmwareResource.java
5944cc8
Diff: https://reviews.apache.org/r/11655/diff/
Testing
---
Tested PF, static NAT in vmware vpc setup
Thanks,
Jayapal Reddy
://reviews.apache.org/r/11458/diff/
Testing
---
Tested on isolated and shared networks.
Thanks,
Jayapal Reddy
static nat on public iop
2. deleted public ip address
3. verified that user_ip_address dnat_vmip is set to null
Thanks,
Jayapal Reddy
Thanks,
Jayapal Reddy
for n1 network ip
5. deleted secondary ip of nic in n2. ip deleted successfully
6. Tested add vm nic to network and remove vm nic from network.
Thanks,
Jayapal Reddy
Congrats swamy !
On 24-May-2013, at 2:51 AM, Chip Childers chip.child...@sungard.com
wrote:
The Project Management Committee (PMC) for Apache CloudStack
has asked Venkata Swamy to become a committer and we are pleased to
announce that they have accepted.
Being a committer allows many
Congrats Sailaja!!
On 24-May-2013, at 9:46 AM, Abhinav Roy abhinav@citrix.com
wrote:
Congratulations Sailaja!! :)
-Original Message-
From: Sowmya Krishnan [mailto:sowmya.krish...@citrix.com]
Sent: Friday, May 24, 2013 9:06 AM
To: dev@cloudstack.apache.org
Subject: RE:
The files get copied when you add Junipre SRX device into CS.
Thanks,
Jayapal
-Original Message-
From: Rayees Namathponnan [mailto:rayees.namathpon...@citrix.com]
Sent: Thursday, 23 May 2013 4:58 AM
To: cloudstack-...@incubator.apache.org
Subject: Juniper SRX xml files copy logic
Please ignore my last answer.
Thanks,
Jayapal
On 23-May-2013, at 10:12 AM, Jayapal Reddy Uradi jayapalreddy.ur...@citrix.com
wrote:
The files get copied when you add Junipre SRX device into CS.
Thanks,
Jayapal
-Original Message-
From: Rayees Namathponnan
Hi Hugo,
Bug CLOUDSTACK-2371 NPE is introduced with commit
79c7da07abd4294f150851aa0c2d06a28564c5a9 while deleting private gateway.
Can you please looking into the issue.
commit 79c7da07abd4294f150851aa0c2d06a28564c5a9
Author: Hugo Trippaers htrippa...@schubergphilis.com
Date: Wed Jul 11
---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/11224/#review20784
---
On May 20, 2013, 5:55 a.m., Jayapal Reddy wrote
/ExternalFirewallDeviceManagerImpl.java 4a90a77
utils/src/com/cloud/utils/net/NetUtils.java 9551c26
Diff: https://reviews.apache.org/r/11224/diff/
Testing
---
1. Added icmp firewall rule and tested ping to public ip from the public subnet
2. Tested configuring Static NAT and PF
Thanks,
Jayapal Reddy
. Added icmp firewall rule and tested ping to public ip from the public subnet
2. Tested configuring Static NAT and PF
Thanks,
Jayapal Reddy
the changes.
- Jayapal Reddy
On March 15, 2013, 9:54 a.m., Wei Zhou wrote:
---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/9696
,
Jayapal Reddy
than one private gateway in this vpc
2. Deleted vpc
3. observed that the all private gateways got deleted
Thanks,
Jayapal Reddy
Diff: https://reviews.apache.org/r/11149/diff/
Testing
---
1. Create vpc and created more than one private gateway in this vpc
2. Deleted vpc
3. observed that the all private gateways got deleted
Thanks,
Jayapal Reddy
/cloud/network/vpc/NetworkACLServiceImpl.java ba8f489
Diff: https://reviews.apache.org/r/11150/diff/
Testing
---
1. Tested by configuring invlida ip
2. tested by configuring replacenetworkacl for private gw with default cal
Thanks,
Jayapal Reddy
For the createFirewallRule and createEgressFirewallRule APIs the port
parameters are optional.
If you don't specify the port range for the prototocol (TCP) it allows all the
tcp traffic.
Ingress:
1. First firewall rules filters traffic then PF/Static NAT will NAT to the
specific VM.
If you
Congrats Devdeep.
On 14-May-2013, at 8:46 PM, Chip Childers chip.child...@sungard.com wrote:
The Project Management Committee (PMC) for Apache CloudStack
has asked Devdeep Singh to become a committer and we are pleased to
announce that they have accepted.
Being a committer allows many
or not.
Thanks,
Jayapal Reddy
router and see the rules are added or not.
Thanks,
Jayapal Reddy
Diff: https://reviews.apache.org/r/10942/diff/
Testing
---
1. Tested creation of private gateway with acl id
2. replacenetworkacl for privategateway id
3. add new acl item and checking the applying item on private gw
4. restart router and see the rules are added or not.
Thanks,
Jayapal
: https://reviews.apache.org/r/10942/diff/
Testing
---
1. Tested creation of private gateway with acl id
2. replacenetworkacl for privategateway id
3. add new acl item and checking the applying item on private gw
4. restart router and see the rules are added or not.
Thanks,
Jayapal Reddy
creation of private gateway with acl id
2. replacenetworkacl for privategateway id
3. add new acl item and checking the applying item on private gw
4. restart router and see the rules are added or not.
Thanks,
Jayapal Reddy
/10794/diff/
Testing
---
1. Added egress rules for shared network.
2. Got error 'Egress firewall rules are not supported for shared networks
Thanks,
Jayapal Reddy
., Jayapal Reddy wrote:
---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/10794/
---
(Updated April 26, 2013, 9:08 a.m.)
Review request
Hi Jiri,
If you pass ip addr to API to create VM.
- If IP addr is not in vm network cidd, or ip is not available in that
network VM creation will fail.
- If ip is not available then CS will not pick another ip.
If your case is there any other dhcp server in guest network serving ip to the
/diff/
Testing
---
Unit tested on basic and advanced zone
Thanks,
Jayapal Reddy
b8ddaf1
Diff: https://reviews.apache.org/r/10753/diff/
Testing
---
Tested on the running setup by editing the file.
Thanks,
Jayapal Reddy
://reviews.apache.org/r/10703/diff/
Testing
---
Tested with admin and normal user
Thanks,
Jayapal Reddy
Congrats Prasanna.
-Jayapal
On 23-Apr-2013, at 12:47 PM, Ram Ganesh ram.gan...@citrix.com wrote:
Congrats Prasanna.
Regards,
RamG
-Original Message-
From: L Radhakrishna Rao [mailto:satishsaga...@gmail.com]
Sent: 23 April 2013 12:42
To: dev@cloudstack.apache.org
Subject: Re:
.
Description
---
Updated the user permissions check
This addresses bug CLOUDSTACK-2134.
Diffs
-
server/src/com/cloud/network/NetworkServiceImpl.java ac2ac45
Diff: https://reviews.apache.org/r/10727/diff/
Testing
---
Unit tested on basic and advanced zone
Thanks,
Jayapal Reddy
.
Description
---
Updated listnics response for normal user
This addresses bug CLOUDSTACK-1573.
Diffs
-
server/src/com/cloud/api/ApiResponseHelper.java a7d6165
Diff: https://reviews.apache.org/r/10703/diff/
Testing
---
Tested with admin and normal user
Thanks,
Jayapal Reddy
Maurice,
You need to change the below rule in eatables to work for secondary ips.
ebtables -t nat -A + vmchain_in + -p ARP --arp-ip-src ! + vm_ip + -j DROP
ebtables -t nat -A + vmchain_out + -p ARP --arp-ip-dst ! + vm_ip + -j DROP
updated to:
ebtables -t nat -A + vmchain_in + -p
.
This addresses bug CLOUDSTACK-2118.
Diffs
-
patches/systemvm/debian/config/etc/init.d/cloud-early-config 3faa1bd
Diff: https://reviews.apache.org/r/10647/diff/
Testing
---
1. Tested in vmware and xenserver VR.
2. Route for mgmt cidr on vmware and default routes added properly
Thanks,
Jayapal
after PF and LB ?
The difference between the public network and the private gateway (or the
network behind the private gateway) is not much (if any).
On 3/27/13 10:42 PM, Jayapal Reddy Uradi jayapalreddy.ur...@citrix.com
wrote:
I would like to propose feature NAT on private gateway
The reason to choose multiple ips is there is a limit (I think it is 7) on the
hypervisor about number of nic can VM have.
For a nic you can have more than 7 ip addresses.
The multiple ips feature is supported in the basic zone also.
I think multiple nics feature is more useful when user need a
docs/en-US/multiple-ip-nic.xml
https://reviews.apache.org/r/10367/#comment39410
listnics response contains:
id
ipaddress
secondaryips
gateway
netmask
macaddr
broadcasturi
isolationuri
isdefault
- Jayapal Reddy
On April 9, 2013, 8:12 a.m., Radhika PC
/10336/#review18867
---
On April 9, 2013, 6:12 a.m., Jayapal Reddy wrote:
---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/10336
---
Unit Testing done.
Thanks,
Jayapal Reddy
/cloud/network/ExternalFirewallDeviceManagerImpl.java 1fc32d0
Diff: https://reviews.apache.org/r/10336/diff/
Testing
---
Unit Testing done.
Thanks,
Jayapal Reddy
generated e-mail. To reply, visit:
https://reviews.apache.org/r/10336/#review18804
---
On April 8, 2013, 12:36 p.m., Jayapal Reddy wrote:
---
This is an automatically generated e-mail
://reviews.apache.org/r/10040/diff/
Testing
---
1. Tested adding and removing the ip for nic using the APIs
Thanks,
Jayapal Reddy
Hi,
master non-oss build got failed in netscaler.
deps folder has cloud-netscaler-sdx.jar and cloud-netscaler.jar and ran the
install-non-oss.sh
Can any one suggest me how to build non-oss .
Please find below fail build logs.
[INFO] Apache CloudStack Plugin - F5 .
Thanks for the commnets.
I will consider the ACL deny rules and update the FS.
Thanks,
Jayapal
-Original Message-
From: Chiradeep Vittal
Sent: Saturday, March 30, 2013 3:49 AM
To: dev@cloudstack.apache.org
Cc: Jayapal Reddy Uradi; Abhinandan Prateek; Kishan Kavala
Subject: Re
rules for SRX
LGTM.
Only thing I'd be careful of the length of the policy name.
Note that the networkid is long, so you could end up with a policy name
egress-trust-untrust-1234567890123. Perhaps e-t-u-network-id
On 3/28/13 8:38 AM, Jayapal Reddy Uradi jayapalreddy.ur...@citrix.com
I would like to propose the new feature ACL on private gateway.
This feature is sub feature of the nTier 2.0 apps.
Currently we do not have way to control the traffic on the private gateway.
Using this feature we can configure the ingress/egress ACL on the private
gateway.
Jira Id:
I would like to propose feature NAT on private gateway.
This feature is sub feature of nTier2.0 apps.
Using this feature we can enable/disable the source NAT on the vpc private
gateway .
Jira ticket:
https://issues.apache.org/jira/browse/CLOUDSTACK-1828
FS :
201 - 255 of 255 matches
Mail list logo