Not sure if that is the problem. On the xenserver host I can do: [root@srvengxen02 ~]# gethostip download.cloud.com s3-2-w.amazonaws.com 207.171.189.81 CFABBD51
Or does the SSVM's way of doing lookups not work with MS dns servers? On Tue, Apr 30, 2013 at 3:30 PM, Warren Nicholson < warren.nichol...@nfinausa.com> wrote: > I had this same problem. > > I replaced the Internal DNS server with External DN Server > address of 8.8.8.8 and it started working. > > The issue is 172.30.20.176 is either not a domain name server, > or it is and can't resolve cloud.download.com. > > You can change this in the zone setup and destroy your > SSVM and Console VM and it will rebuild them. > > Warren > > -----Original Message----- > From: Carlos Reategui [mailto:create...@gmail.com] > Sent: Tuesday, April 30, 2013 5:10 PM > To: users@cloudstack.apache.org > Subject: SSVM unable to connect to DNS > > The SSVM in my rebuilt setup does not appear to be able to connect to the > DNS servers. > > root@s-1-VM:~# /usr/local/cloud/systemvm/ssvm-check.sh > ================================================ > First DNS server is 172.30.20.176 > PING 172.30.20.176 (172.30.20.176): 56 data bytes > 64 bytes from 172.30.20.176: icmp_seq=0 ttl=127 time=0.714 ms > 64 bytes from 172.30.20.176: icmp_seq=1 ttl=127 time=0.681 ms > --- 172.30.20.176 ping statistics --- > 2 packets transmitted, 2 packets received, 0% packet loss round-trip > min/avg/max/stddev = 0.681/0.698/0.714/0.000 ms > Good: Can ping DNS server > ================================================ > ERROR: DNS not resolving download.cloud.com resolv.conf follows nameserver > 172.30.20.176 nameserver 172.30.20.175 nameserver 172.30.20.176 nameserver > 172.30.20.175 > > root@s-1-VM:~# nslookup cloud.com > ;; connection timed out; no servers could be reached > > root@s-1-VM:~# nslookup > > server 8.8.8.8 > Default server: 8.8.8.8 > Address: 8.8.8.8#53 > > download.cloud.com > ;; connection timed out; no servers could be reached > > > > root@s-1-VM:~# iptables -L -n > Chain INPUT (policy DROP) > target prot opt source destination > ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp > dpt:443 > ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp > dpt:80 > ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp > dpt:3922 > ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state > RELATED,ESTABLISHED > ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state > RELATED,ESTABLISHED > ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state > RELATED,ESTABLISHED > ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state > RELATED,ESTABLISHED > ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 > DROP icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 13 > ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 > ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp > dpt:3922 > > Chain FORWARD (policy DROP) > target prot opt source destination > > Chain OUTPUT (policy ACCEPT) > target prot opt source destination > REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp > dpt:80 reject-with icmp-port-unreachable > REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp > dpt:443 reject-with icmp-port-unreachable > > Chain HTTP (0 references) > target prot opt source destination > > > Where should I look next? > > thanks > Carlos > >