Hi Martin,
This is a known issue, a freshly restarted VR may not have the EGREE related tables which is why any rules will fail to apply. As a workaround, you can restart the network without selecting the cleanup option which will reconfigure the VR and add the egress table. I've a fix in this PR: https://github.com/apache/cloudstack/pull/2508/files#diff-2d3ea57dfd9156e3983b1bb2d64abecd - Rohit <https://cloudstack.apache.org> ________________________________ From: Martin Emrich <martin.emr...@empolis.com> Sent: Tuesday, April 10, 2018 2:13:57 PM To: CloudStack-Users Subject: Egress rules not applied in 4.11.0 Hi! I upgraded my test cluster from 4.9 to 4.11. The default policy for isolated networks is "Deny". But now, adding rules to allow egress traffic are not applied to the virtual router. adding a 0.0.0.0/0 rule looks fine from the UI, but does not appear in the iptables output on the VR. Any Ideas? Thanks Martin rohit.ya...@shapeblue.com www.shapeblue.com 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
