>From VM if you are not able to ping public side then it is your setup issue. It can be debugged by capturing packets on the router guest interface and public interface to see wether the packets are reaching to router or not
Thanks, Jayapal On 22-May-2013, at 3:49 PM, Jayapal Reddy Uradi <jayapalreddy.ur...@citrix.com> wrote: > > You need pining router VM public IP from public network/subnet ? > - You need to add icmp firewall rule on the public IP to enable ping request > on the public ip > > Thanks, > Jayapal > > > On 22-May-2013, at 3:45 PM, wq meng <wqm...@gmail.com> > wrote: > >> Hello Jayapal >> >> There is no problem to ping Google from the Router VM, Only problem is that >> I can not ping the Router VM public IP from outside. >> >> root@r-4-VM:~# ping www.google.com >> PING www.google.com (173.194.64.147): 56 data bytes >> 64 bytes from 173.194.64.147: icmp_seq=0 ttl=48 time=53.194 ms >> 64 bytes from 173.194.64.147: icmp_seq=1 ttl=48 time=53.190 ms >> 64 bytes from 173.194.64.147: icmp_seq=2 ttl=48 time=53.286 ms >> 64 bytes from 173.194.64.147: icmp_seq=3 ttl=48 time=53.207 ms >> ^C--- www.google.com ping statistics --- >> 4 packets transmitted, 4 packets received, 0% packet loss >> round-trip min/avg/max/stddev = 53.190/53.219/53.286/0.039 ms >> >> root@r-4-VM:~# iptables -L -nv >> Chain INPUT (policy DROP 583 packets, 18656 bytes) >> pkts bytes target prot opt in out source >> destination >> 7009 1074K NETWORK_STATS all -- * * 0.0.0.0/0 >> 0.0.0.0/0 >> 0 0 ACCEPT all -- * * 0.0.0.0/0 >> 224.0.0.18 >> 0 0 ACCEPT all -- * * 0.0.0.0/0 >> 225.0.0.50 >> 0 0 ACCEPT all -- eth0 * 0.0.0.0/0 >> 0.0.0.0/0 state RELATED,ESTABLISHED >> 5619 1007K ACCEPT all -- eth1 * 0.0.0.0/0 >> 0.0.0.0/0 state RELATED,ESTABLISHED >> 24 2906 ACCEPT all -- eth2 * 0.0.0.0/0 >> 0.0.0.0/0 state RELATED,ESTABLISHED >> 57 4825 ACCEPT icmp -- * * 0.0.0.0/0 >> 0.0.0.0/0 >> 5 293 ACCEPT all -- lo * 0.0.0.0/0 >> 0.0.0.0/0 >> 0 0 ACCEPT udp -- eth0 * 0.0.0.0/0 >> 0.0.0.0/0 udp dpt:67 >> 349 24753 ACCEPT udp -- eth0 * 0.0.0.0/0 >> 0.0.0.0/0 udp dpt:53 >> 318 19080 ACCEPT tcp -- eth1 * 0.0.0.0/0 >> 0.0.0.0/0 state NEW tcp dpt:3922 >> 0 0 ACCEPT tcp -- eth0 * 0.0.0.0/0 >> 0.0.0.0/0 state NEW tcp dpt:8080 >> 0 0 ACCEPT tcp -- eth0 * 0.0.0.0/0 >> 0.0.0.0/0 state NEW tcp dpt:80 >> >> Chain FORWARD (policy DROP 0 packets, 0 bytes) >> pkts bytes target prot opt in out source >> destination >> 8735 1159K NETWORK_STATS all -- * * 0.0.0.0/0 >> 0.0.0.0/0 >> 0 0 ACCEPT all -- eth0 eth1 0.0.0.0/0 >> 0.0.0.0/0 state RELATED,ESTABLISHED >> 4746 775K ACCEPT all -- eth0 eth2 0.0.0.0/0 >> 0.0.0.0/0 >> 3657 364K ACCEPT all -- eth2 eth0 0.0.0.0/0 >> 0.0.0.0/0 state RELATED,ESTABLISHED >> 0 0 ACCEPT all -- eth0 eth0 0.0.0.0/0 >> 0.0.0.0/0 state NEW >> 0 0 ACCEPT all -- eth0 eth0 0.0.0.0/0 >> 0.0.0.0/0 state RELATED,ESTABLISHED >> 0 0 ACCEPT all -- eth3 eth0 0.0.0.0/0 >> 0.0.0.0/0 state RELATED,ESTABLISHED >> 0 0 ACCEPT all -- eth0 eth3 0.0.0.0/0 >> 0.0.0.0/0 >> 0 0 ACCEPT tcp -- * * 0.0.0.0/0 >> 10.1.1.5 state RELATED,ESTABLISHED /* 198.105.191.245:22:22 */ >> 332 19920 ACCEPT tcp -- * * 0.0.0.0/0 >> 10.1.1.5 tcp dpt:22 state NEW /* 198.105.191.245:22:22 */ >> 0 0 ACCEPT tcp -- * * 0.0.0.0/0 >> 10.1.1.5 state RELATED,ESTABLISHED /* 198.105.191.245:80:80 */ >> 0 0 ACCEPT tcp -- * * 0.0.0.0/0 >> 10.1.1.5 tcp dpt:80 state NEW /* 198.105.191.245:80:80 */ >> 0 0 ACCEPT all -- eth4 eth0 0.0.0.0/0 >> 0.0.0.0/0 state RELATED,ESTABLISHED >> 0 0 ACCEPT all -- eth0 eth4 0.0.0.0/0 >> 0.0.0.0/0 >> 0 0 ACCEPT all -- eth5 eth0 0.0.0.0/0 >> 0.0.0.0/0 state RELATED,ESTABLISHED >> 0 0 ACCEPT all -- eth0 eth5 0.0.0.0/0 >> 0.0.0.0/0 >> 0 0 ACCEPT all -- eth6 eth0 0.0.0.0/0 >> 0.0.0.0/0 state RELATED,ESTABLISHED >> 0 0 ACCEPT all -- eth0 eth6 0.0.0.0/0 >> 0.0.0.0/0 >> 0 0 ACCEPT all -- eth7 eth0 0.0.0.0/0 >> 0.0.0.0/0 state RELATED,ESTABLISHED >> 0 0 ACCEPT all -- eth0 eth7 0.0.0.0/0 >> 0.0.0.0/0 >> >> Chain OUTPUT (policy ACCEPT 704 packets, 122K bytes) >> pkts bytes target prot opt in out source >> destination >> 6195 1039K NETWORK_STATS all -- * * 0.0.0.0/0 >> 0.0.0.0/0 >> >> Chain NETWORK_STATS (3 references) >> pkts bytes target prot opt in out source >> destination >> 4746 775K all -- eth0 eth2 0.0.0.0/0 >> 0.0.0.0/0 >> 3989 384K all -- eth2 eth0 0.0.0.0/0 >> 0.0.0.0/0 >> 0 0 tcp -- !eth0 eth2 0.0.0.0/0 >> 0.0.0.0/0 >> 2 100 tcp -- eth2 !eth0 0.0.0.0/0 >> 0.0.0.0/0 >> 0 0 all -- eth0 eth3 0.0.0.0/0 >> 0.0.0.0/0 >> 0 0 all -- eth3 eth0 0.0.0.0/0 >> 0.0.0.0/0 >> 0 0 tcp -- !eth0 eth3 0.0.0.0/0 >> 0.0.0.0/0 >> 0 0 tcp -- eth3 !eth0 0.0.0.0/0 >> 0.0.0.0/0 >> 0 0 all -- eth0 eth4 0.0.0.0/0 >> 0.0.0.0/0 >> 0 0 all -- eth4 eth0 0.0.0.0/0 >> 0.0.0.0/0 >> 0 0 tcp -- !eth0 eth4 0.0.0.0/0 >> 0.0.0.0/0 >> 0 0 tcp -- eth4 !eth0 0.0.0.0/0 >> 0.0.0.0/0 >> 0 0 all -- eth0 eth5 0.0.0.0/0 >> 0.0.0.0/0 >> 0 0 all -- eth5 eth0 0.0.0.0/0 >> 0.0.0.0/0 >> 0 0 tcp -- !eth0 eth5 0.0.0.0/0 >> 0.0.0.0/0 >> 0 0 tcp -- eth5 !eth0 0.0.0.0/0 >> 0.0.0.0/0 >> 0 0 all -- eth0 eth6 0.0.0.0/0 >> 0.0.0.0/0 >> 0 0 all -- eth6 eth0 0.0.0.0/0 >> 0.0.0.0/0 >> 0 0 tcp -- !eth0 eth6 0.0.0.0/0 >> 0.0.0.0/0 >> 0 0 tcp -- eth6 !eth0 0.0.0.0/0 >> 0.0.0.0/0 >> 0 0 all -- eth0 eth7 0.0.0.0/0 >> 0.0.0.0/0 >> 0 0 all -- eth7 eth0 0.0.0.0/0 >> 0.0.0.0/0 >> 0 0 tcp -- !eth0 eth7 0.0.0.0/0 >> 0.0.0.0/0 >> 0 0 tcp -- eth7 !eth0 0.0.0.0/0 >> 0.0.0.0/0 >> root@r-4-VM:~# >> >> >> >> ------------------------------------------------------------------------------------ >> Below is from the Guest VM instance. >> >> Not sure how to capture the package . >> >> But I do a tracepath www.google.com inside the guest VM. >> >> From the output, >> >> [root@CentOS5-5 ~]# tracepath www.google.com >> 1: r-4-VM.cs2cloud.internal (10.1.1.1) 0.149ms >> 2: no reply >> 3: no reply >> 4: no reply >> >> [root@CentOS5-5 ~]# iptables -L -nv >> Chain INPUT (policy ACCEPT 0 packets, 0 bytes) >> pkts bytes target prot opt in out source >> destination >> 15198 1412K RH-Firewall-1-INPUT all -- * * 0.0.0.0/0 >> 0.0.0.0/0 >> >> Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) >> pkts bytes target prot opt in out source >> destination >> 0 0 RH-Firewall-1-INPUT all -- * * 0.0.0.0/0 >> 0.0.0.0/0 >> >> Chain OUTPUT (policy ACCEPT 17238 packets, 7377K bytes) >> pkts bytes target prot opt in out source >> destination >> >> Chain RH-Firewall-1-INPUT (2 references) >> pkts bytes target prot opt in out source >> destination >> 56 9116 ACCEPT all -- lo * 0.0.0.0/0 >> 0.0.0.0/0 >> 22 3360 ACCEPT icmp -- * * 0.0.0.0/0 >> 0.0.0.0/0 icmp type 255 >> 0 0 ACCEPT esp -- * * 0.0.0.0/0 >> 0.0.0.0/0 >> 0 0 ACCEPT ah -- * * 0.0.0.0/0 >> 0.0.0.0/0 >> 13 2124 ACCEPT udp -- * * 0.0.0.0/0 >> 224.0.0.251 udp dpt:5353 >> 0 0 ACCEPT udp -- * * 0.0.0.0/0 >> 0.0.0.0/0 udp dpt:631 >> 0 0 ACCEPT tcp -- * * 0.0.0.0/0 >> 0.0.0.0/0 tcp dpt:631 >> 13536 1320K ACCEPT all -- * * 0.0.0.0/0 >> 0.0.0.0/0 state RELATED,ESTABLISHED >> 931 55796 ACCEPT tcp -- * * 0.0.0.0/0 >> 0.0.0.0/0 state NEW tcp dpt:22 >> 640 21690 REJECT all -- * * 0.0.0.0/0 >> 0.0.0.0/0 reject-with icmp-host-prohibited >> >> >> Inside the VM, Can ping other VMs' guest IP. >> >> >> [root@CentOS5-5 ~]# ping 10.1.1.36 >> PING 10.1.1.36 (10.1.1.36) 56(84) bytes of data. >> 64 bytes from 10.1.1.36: icmp_seq=1 ttl=64 time=1.32 ms >> 64 bytes from 10.1.1.36: icmp_seq=2 ttl=64 time=0.156 ms >> 64 bytes from 10.1.1.36: icmp_seq=3 ttl=64 time=0.134 ms >> >> --- 10.1.1.36 ping statistics --- >> 3 packets transmitted, 3 received, 0% packet loss, time 2000ms >> rtt min/avg/max/mdev = 0.134/0.538/1.326/0.557 ms >> [root@CentOS5-5 ~]# ifconfig >> eth0 Link encap:Ethernet HWaddr 02:00:2D:C8:00:01 >> inet addr:10.1.1.5 Bcast:10.1.1.255 Mask:255.255.255.0 >> inet6 addr: fe80::2dff:fec8:1/64 Scope:Link >> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 >> RX packets:16846 errors:0 dropped:0 overruns:0 frame:0 >> TX packets:18252 errors:0 dropped:0 overruns:0 carrier:0 >> collisions:0 txqueuelen:1000 >> RX bytes:1716037 (1.6 MiB) TX bytes:7661658 (7.3 MiB) >> >> lo Link encap:Local Loopback >> inet addr:127.0.0.1 Mask:255.0.0.0 >> inet6 addr: ::1/128 Scope:Host >> UP LOOPBACK RUNNING MTU:16436 Metric:1 >> RX packets:56 errors:0 dropped:0 overruns:0 frame:0 >> TX packets:56 errors:0 dropped:0 overruns:0 carrier:0 >> collisions:0 txqueuelen:0 >> RX bytes:9116 (8.9 KiB) TX bytes:9116 (8.9 KiB) >> >> >> >> [root@CentOS5-5 ~]# ping www.google.com >> PING www.google.com (173.194.64.104) 56(84) bytes of data. >> ^C >> --- www.google.com ping statistics --- >> 6 packets transmitted, 0 received, 100% packet loss, time 5000ms >> >> >> >> Any problems? >> >> Thank you so much. >> >> >> >> On Wed, May 22, 2013 at 4:14 PM, Jayapal Reddy Uradi < >> jayapalreddy.ur...@citrix.com> wrote: >> >>> By looking at the iptables rules, there is no egress rules feature in your >>> deployment. >>> In your case the issue seems to be different. >>> >>> Please do the below trouble shooting. >>> Ping from the guest vm to public subnet/google and try to capture the >>> packets on the router guest interface and public interface. >>> Check wether the packets are reaching to public interface of VR or not. >>> >>> Also send iptables -L -nv output. >>> >>> Thanks, >>> Jayapal >>> >>> On 22-May-2013, at 1:18 PM, wq meng <wqm...@gmail.com> >>> wrote: >>> >>>> Hello Jayapal >>>> >>>> I know very little about api yet. >>>> >>>> I login to the VRouter VM, Can I change the rules to get work? >>>> >>>> On >>>> >>> https://cwiki.apache.org/confluence/display/CLOUDSTACK/Egress+firewall+rules+for+guest+network >>>> >>>> It says some Chains , but I can not find them inside my VRouter VM. >>>> >>>> ==================== >>>> >>>> firewallRule_egress.sh script get called on the virtual router. >>>> >>>> The egress rules are added in filter table table, FW_EGRESS_RULES chain. >>>> >>>> All the traffic from eth0 eth2 (public interface) will be send to the >>>> FW_OUTBOUND chain. >>>> >>>> *iptables rules:* >>>> >>>> *Default rules:* >>>> >>>> ipassoc.sh adding rule to ACCEPT traffic from eth0 to public interface. >>>> >>>> Modified the rule to send egress traffic to the FW_OUTBOUND chain. >>>> >>>> *iptables -A FORWARD -i eth0 -o eth2 -j FW_OUTBOUND* >>>> >>>> *Rules added while configuring:* >>>> >>>> Ex: Egress rule to block the port 22 (ssh) traffic from 10.1.1.31/32 >>>> >>>> *iptables -A **FW_OUTBOUND **-j EGRESS_FWRULES* >>>> >>>> *iptables -A EGRESS_FWRULES -s 10.1.1.31/32 -p tcp --dport 22:22 >>> -j >>>> ACCEPT* >>>> ====================== >>>> >>>> >>>> >>>> >>>> >>>> Here is how the current iptables shows. >>>> >>>> >>> -------------------------------------------------------------------------------- >>>> root@r-4-VM:~# iptables -L >>>> Chain INPUT (policy DROP) >>>> target prot opt source destination >>>> NETWORK_STATS all -- anywhere anywhere >>>> ACCEPT all -- anywhere vrrp.mcast.net >>>> ACCEPT all -- anywhere 225.0.0.50 >>>> ACCEPT all -- anywhere anywhere state >>>> RELATED,ESTABLISHED >>>> ACCEPT all -- anywhere anywhere state >>>> RELATED,ESTABLISHED >>>> ACCEPT all -- anywhere anywhere state >>>> RELATED,ESTABLISHED >>>> ACCEPT icmp -- anywhere anywhere >>>> ACCEPT all -- anywhere anywhere >>>> ACCEPT udp -- anywhere anywhere udp >>> dpt:bootps >>>> ACCEPT udp -- anywhere anywhere udp >>> dpt:domain >>>> ACCEPT tcp -- anywhere anywhere state NEW >>> tcp >>>> dpt:3922 >>>> ACCEPT tcp -- anywhere anywhere state NEW >>> tcp >>>> dpt:http-alt >>>> ACCEPT tcp -- anywhere anywhere state NEW >>> tcp >>>> dpt:www >>>> >>>> Chain FORWARD (policy DROP) >>>> target prot opt source destination >>>> NETWORK_STATS all -- anywhere anywhere >>>> ACCEPT all -- anywhere anywhere state >>>> RELATED,ESTABLISHED >>>> ACCEPT all -- anywhere anywhere >>>> ACCEPT all -- anywhere anywhere state >>>> RELATED,ESTABLISHED >>>> ACCEPT all -- anywhere anywhere state NEW >>>> ACCEPT all -- anywhere anywhere state >>>> RELATED,ESTABLISHED >>>> ACCEPT all -- anywhere anywhere state >>>> RELATED,ESTABLISHED >>>> ACCEPT all -- anywhere anywhere >>>> ACCEPT all -- anywhere anywhere state >>>> RELATED,ESTABLISHED >>>> ACCEPT all -- anywhere anywhere >>>> ACCEPT all -- anywhere anywhere state >>>> RELATED,ESTABLISHED >>>> ACCEPT all -- anywhere anywhere >>>> ACCEPT all -- anywhere anywhere state >>>> RELATED,ESTABLISHED >>>> ACCEPT all -- anywhere anywhere >>>> ACCEPT all -- anywhere anywhere state >>>> RELATED,ESTABLISHED >>>> ACCEPT all -- anywhere anywhere >>>> >>>> Chain OUTPUT (policy ACCEPT) >>>> target prot opt source destination >>>> NETWORK_STATS all -- anywhere anywhere >>>> >>>> Chain NETWORK_STATS (3 references) >>>> target prot opt source destination >>>> all -- anywhere anywhere >>>> all -- anywhere anywhere >>>> tcp -- anywhere anywhere >>>> tcp -- anywhere anywhere >>>> all -- anywhere anywhere >>>> all -- anywhere anywhere >>>> tcp -- anywhere anywhere >>>> tcp -- anywhere anywhere >>>> all -- anywhere anywhere >>>> all -- anywhere anywhere >>>> tcp -- anywhere anywhere >>>> tcp -- anywhere anywhere >>>> all -- anywhere anywhere >>>> all -- anywhere anywhere >>>> tcp -- anywhere anywhere >>>> tcp -- anywhere anywhere >>>> all -- anywhere anywhere >>>> all -- anywhere anywhere >>>> tcp -- anywhere anywhere >>>> tcp -- anywhere anywhere >>>> all -- anywhere anywhere >>>> all -- anywhere anywhere >>>> tcp -- anywhere anywhere >>>> tcp -- anywhere anywhere >>>> >>>> >>>> And the link have been fixed in the Git ? >>>> >>>> Thank you so much. >>>> >>>> >>>> On Wed, May 22, 2013 at 2:55 PM, Jayapal Reddy Uradi < >>>> jayapalreddy.ur...@citrix.com> wrote: >>>> >>>>> >>>>> I think UI link is missed but it is fixed after that. >>>>> Try to add rules using the API 'createEgressFirewallRule' >>>>> >>>>> Thanks, >>>>> Jayapal >>>>> >>>>> On 22-May-2013, at 12:05 PM, wq meng <wqm...@gmail.com> >>>>> wrote: >>>>> >>>>>> Hello Jayapal, >>>>>> >>>>>> >>>>>> >>>>> >>> https://cwiki.apache.org/CLOUDSTACK/egress-firewall-rules-for-guest-network.html >>>>>> >>>>>> I have checked Network -> Guest Network (Name) -> >>>>>> >>>>>> I can not find out any Egress fire rule tab. >>>>>> >>>>>> >>>>>> Have I missed something? >>>>>> >>>>>> >>>>>> Thank you very much. >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> On Wed, May 22, 2013 at 1:23 PM, Jayapal Reddy Uradi < >>>>>> jayapalreddy.ur...@citrix.com> wrote: >>>>>> >>>>>>> Hi, >>>>>>> >>>>>>> Did you configure the egress firewall rules on the guest network ? >>>>>>> You need to add egress rules to allow guest traffic. >>>>>>> >>>>>>> After adding egress rule it not works, please send router iptables >>>>> rules. >>>>>>> >>>>>>> Thanks, >>>>>>> Jayapal >>>>>>> >>>>>>> On 22-May-2013, at 4:10 AM, wq meng <wqm...@gmail.com> wrote: >>>>>>> >>>>>>>> Hello >>>>>>>> >>>>>>>> Anyone have faced this problem? CS4.02 KVM Advanced Network, VM >>>>> instance >>>>>>>> can not access public IP. NAT(Source) >>>>>>>> >>>>>>>> >>>>>>>> That the VM instance running, but inside the VM instance, it is not >>>>>>>> possible to access outside. >>>>>>>> >>>>>>>> >>>>>>>> It can ping VMs each other, It can ping google.com in the* Virtual >>>>>>> Router >>>>>>>> VM.* >>>>>>>> >>>>>>>> But just can not ping Google.com inside the VM instance. >>>>>>>> >>>>>>>> >>>>>>>> Seems inside the VM instance, It can resolve the Google.com 's IP >>>>>>> address. >>>>>>>> BUT can not do others. >>>>>>>> >>>>>>>> Please see the following output. >>>>>>>> >>>>>>>> >>>>>>>> ------------------------ >>>>>>>> [root@CentOS5-5 ~]# wget www.google.com >>>>>>>> --2013-05-21 08:30:39-- http://www.google.com/ >>>>>>>> Resolving www.google.com... 173.194.64.104, 173.194.64.99, >>>>>>> 173.194.64.105, >>>>>>>> ... >>>>>>>> Connecting to www.google.com|173.194.64.104|:80... >>>>>>>> [root@CentOS5-5 ~]# ls >>>>>>>> >>>>>>>> ------------------------- >>>>>>>> [root@CentOS5-5 ~]# iptables -L >>>>>>>> Chain INPUT (policy ACCEPT) >>>>>>>> target prot opt source destination >>>>>>>> RH-Firewall-1-INPUT all -- anywhere anywhere >>>>>>>> >>>>>>>> Chain FORWARD (policy ACCEPT) >>>>>>>> target prot opt source destination >>>>>>>> RH-Firewall-1-INPUT all -- anywhere anywhere >>>>>>>> >>>>>>>> Chain OUTPUT (policy ACCEPT) >>>>>>>> target prot opt source destination >>>>>>>> >>>>>>>> Chain RH-Firewall-1-INPUT (2 references) >>>>>>>> target prot opt source destination >>>>>>>> ACCEPT all -- anywhere anywhere >>>>>>>> ACCEPT icmp -- anywhere anywhere icmp any >>>>>>>> ACCEPT esp -- anywhere anywhere >>>>>>>> ACCEPT ah -- anywhere anywhere >>>>>>>> ACCEPT udp -- anywhere 224.0.0.251 udp >>>>> dpt:mdns >>>>>>>> ACCEPT udp -- anywhere anywhere udp >>>>> dpt:ipp >>>>>>>> ACCEPT tcp -- anywhere anywhere tcp >>>>> dpt:ipp >>>>>>>> ACCEPT all -- anywhere anywhere state >>>>>>>> RELATED,ESTABLISHED >>>>>>>> ACCEPT tcp -- anywhere anywhere state >>> NEW >>>>>>> tcp >>>>>>>> dpt:ssh >>>>>>>> REJECT all -- anywhere anywhere >>>>> reject-with >>>>>>>> icmp-host-prohibited >>>>>>>> [root@CentOS5-5 ~]# ping 8.8.8.8 >>>>>>>> PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data. >>>>>>>> >>>>>>>> --- 8.8.8.8 ping statistics --- >>>>>>>> 3 packets transmitted, 0 received, 100% packet loss, time 2000ms >>>>>>>> >>>>>>>> -------------------------- >>>>>>>> [root@CentOS5-5 ~]# ifconfig >>>>>>>> eth0 Link encap:Ethernet HWaddr 02:00:2D:C8:00:01 >>>>>>>> inet addr:10.1.1.5 Bcast:10.1.1.255 Mask:255.255.255.0 >>>>>>>> inet6 addr: fe80::2dff:fec8:1/64 Scope:Link >>>>>>>> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 >>>>>>>> RX packets:2442 errors:0 dropped:0 overruns:0 frame:0 >>>>>>>> TX packets:2261 errors:0 dropped:0 overruns:0 carrier:0 >>>>>>>> collisions:0 txqueuelen:1000 >>>>>>>> RX bytes:174960 (170.8 KiB) TX bytes:154159 (150.5 KiB) >>>>>>>> >>>>>>>> lo Link encap:Local Loopback >>>>>>>> inet addr:127.0.0.1 Mask:255.0.0.0 >>>>>>>> inet6 addr: ::1/128 Scope:Host >>>>>>>> UP LOOPBACK RUNNING MTU:16436 Metric:1 >>>>>>>> RX packets:32 errors:0 dropped:0 overruns:0 frame:0 >>>>>>>> TX packets:32 errors:0 dropped:0 overruns:0 carrier:0 >>>>>>>> collisions:0 txqueuelen:0 >>>>>>>> RX bytes:3913 (3.8 KiB) TX bytes:3913 (3.8 KiB) >>>>>>>> >>>>>>>> ---------------------------- >>>>>>>> >>>>>>>> [root@CentOS5-5 ~]# tracert www.google.com >>>>>>>> traceroute to www.google.com (173.194.64.106), 30 hops max, 40 byte >>>>>>> packets >>>>>>>> 1 r-4-VM.cs2cloud.internal (10.1.1.1) 0.158 ms 0.136 ms 0.134 ms >>>>>>>> 2 * * * >>>>>>>> 3 * * * >>>>>>>> 4 * * * >>>>>>>> 5 * * * >>>>>>>> 6 * * * >>>>>>>> 7 * * * >>>>>>>> 8 * * * >>>>>>>> 9 * * * >>>>>>>> 10 * * * >>>>>>>> 11 * * * >>>>>>>> 12 * * * >>>>>>>> 13 * * * >>>>>>>> 14 * * * >>>>>>>> 15 * * * >>>>>>>> 16 * * * >>>>>>>> 17 * * * >>>>>>>> 18 * * * >>>>>>>> 19 * * * >>>>>>>> 20 * * * >>>>>>>> 21 * * * >>>>>>>> 22 * * * >>>>>>>> 23 * * * >>>>>>>> 24 * * * >>>>>>>> 25 * * * >>>>>>>> 26 * * * >>>>>>>> 27 * * * >>>>>>>> 28 * * * >>>>>>>> 29 * * * >>>>>>>> 30 * * * >>>>>>>> >>>>>>>> ---------------- >>>>>>>> >>>>>>>> >>>>>>>> Any thoughts? >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> Thank you very much. >>>>>>> >>>>>>> >>>>> >>>>> >>> >>> >
