By default xen6.0.2 comes with openvswitch. Set it to bridge mode by using : "xe-switch-network-backend bridge" command on xenserver.
-----Original Message----- From: Michael Phillips [mailto:mphilli7...@hotmail.com] Sent: Thursday, September 19, 2013 10:16 AM To: users@cloudstack.apache.org Subject: RE: Security Groups Sorry posted the wrong thing...please view this. http://pastebin.com/NF28fpq7 > From: jayapalreddy.ur...@citrix.com > To: users@cloudstack.apache.org > Subject: Re: Security Groups > Date: Thu, 19 Sep 2013 04:40:14 +0000 > > There are no cloudstack configured iptables rules on your xen host. > It seems iptables are stopped on the host ? > > Please check is CSP installed correctly not he host. > Please try to force connect or host once. > > > Thanks, > Jayapal > > > > On 19-Sep-2013, at 9:50 AM, Michael Phillips <mphilli7...@hotmail.com> > wrote: > > > http://pastebin.com/xf9SBzVY > > > >> From: jayapalreddy.ur...@citrix.com > >> To: users@cloudstack.apache.org > >> Subject: Re: Security Groups > >> Date: Thu, 19 Sep 2013 03:54:51 +0000 > >> > >> Hi, > >> Can you please share host 'iptables -L -nv' output on pastebin > >> > >> Thanks, > >> Jayapal > >> > >> On 19-Sep-2013, at 8:04 AM, Michael Phillips > >> <mphilli7...@hotmail.com> > >> wrote: > >> > >>> Having troubles getting security groups to function My "test" > >>> environment is as follows: > >>> Cloudstack 4.1.1 on centos6.4Xen Server 6.0.2, CSP installed, > >>> iptables running...not sure if it needs to be but it is by default, all > >>> xen patches installed.Primary Storage = iscsiSecondary Storage = nfs on > >>> mgmt serverSystem VM's and router are running as expected.Network = flat > >>> 192.168.50.0/24 I then create 2 instances(vm's) based on the centos5.6 > >>> template provided and assign them to the "default" security group. The > >>> instances are able to "ping" each other, and I thought the expected > >>> behavior is that they should not be able to, since the default security > >>> group has 0 ingress rules which should block all inbound traffic. > >>> What could I be missing?? > >>> > >>> > >>> > >>> > >> > > >