[ https://issues.apache.org/jira/browse/CLOUDSTACK-5591?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13853856#comment-13853856 ]
Kiran Koneti commented on CLOUDSTACK-5591: ------------------------------------------ Used 64 bit systemVM template for the VMware while creating the Zone. > Public network is not reachable by the System Vm's. > --------------------------------------------------- > > Key: CLOUDSTACK-5591 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-5591 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) > Components: Install and Setup > Affects Versions: 4.3.0 > Reporter: Kiran Koneti > Priority: Blocker > Fix For: 4.3.0 > > > The setup details are as follows: > 1)Installed the CS setup and changed the global setting to allow the download > from the internal sites. > 2)Created a Advanced Zone setup with Vmware 5.5 where the system Vm's came up. > 3)Then added one more cluster for the KVm and added a KVM host. > 4)After adding the KVM ost the system Vm template for the KVM was not ready > and it shows as connection timed out. > 5)Then logged into the SSVM and tried to ping the public network then the > network was not reachable,even the default gateway was not pingable. > 6)When stopped the IP tables the gateway was pingable. > 7)When tried to check the arp of the gw using "arping the gatewayIP" it says > the eth0 is down and when eth0 is made up the ping was successful and the > public network was reachable. > 8)Then tried to restart the SSVM again the situation is same that the public > network is not reachable. > 9)If we leave the stup for longer time without making any changes the Public > network will be reachable and when rebooted again the network will not be > reached again. > The Iptables details are as below: > "iptables -L -nv > Chain INPUT (policy DROP 4 packets, 312 bytes) > pkts bytes target prot opt in out source > destination > 0 0 ACCEPT tcp -- eth2 * 0.0.0.0/0 0.0.0.0/0 > state NEW tcp dpt:443 > 0 0 ACCEPT tcp -- eth2 * 0.0.0.0/0 0.0.0.0/0 > state NEW tcp dpt:80 > 1 60 ACCEPT tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 > state NEW tcp dpt:3922 > 0 0 ACCEPT all -- eth0 * 0.0.0.0/0 0.0.0.0/0 > state RELATED,ESTABLISHED > 547 95190 ACCEPT all -- eth1 * 0.0.0.0/0 0.0.0.0/0 > state RELATED,ESTABLISHED > 2 262 ACCEPT all -- eth2 * 0.0.0.0/0 0.0.0.0/0 > state RELATED,ESTABLISHED > 0 0 ACCEPT all -- eth3 * 0.0.0.0/0 0.0.0.0/0 > state RELATED,ESTABLISHED > 10 588 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 > 0 0 DROP icmp -- * * 0.0.0.0/0 0.0.0.0/0 > icmptype 13 > 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 > 0 0 ACCEPT tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 > state NEW tcp dpt:3922 > Chain FORWARD (policy DROP 0 packets, 0 bytes) > pkts bytes target prot opt in out source > destination > Chain OUTPUT (policy ACCEPT 493 packets, 76135 bytes) > pkts bytes target prot opt in out source > destination > 0 0 ACCEPT tcp -- * eth1 0.0.0.0/0 > 10.147.28.0/24 state NEW tcp > 0 0 REJECT tcp -- * eth1 0.0.0.0/0 0.0.0.0/0 > state NEW tcp dpt:80 reject-with icmp-port-unreachable > 0 0 REJECT tcp -- * eth1 0.0.0.0/0 0.0.0.0/0 > state NEW tcp dpt:443 reject-with icmp-port-unreachable > Chain HTTP (0 references) > pkts bytes target prot opt in out source > destination" > The arping request is as below: > arping 10.147.X.X > Interface "eth0" is down -- This message was sent by Atlassian JIRA (v6.1.4#6159)