Based on your screenshots, you have NOT set "Traffic Label" for each traffic type - this "traffic lab" should be == name of the bridge - so CloudStack knows which bridge to use for specific VLAN interface provisioning etc - this is the reason why nothing works in your env, probably.
Re the firewall, I guess reading the 2 following rules should tell you that Console traffic to port 80 and 443 is allowed: ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:443 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80 Go to old UI, and set traffic labels for Management, Storage, Guest and Public traffic types to be exactly the same as the name of the bridge that you want to use for each traffic type (cloudb0 or cloudbr1 in your case - but you need to understand what you want to do, via which bridge, and the underlying VLAN physical interfaces on your hypervisors, and if your switches support trunking mode (to be able to send all VLANs between different hypervisor hosts etc) Best, On Mon, 24 May 2021 at 09:58, Serge Byishimo <[email protected]> wrote: > Hi Rohit, > > Please let me know how I should reset the network coz I did it multiple > times, > > The public traffic type VLAN/VNI is vlan://untagged as you can see in the > Public Traffic Type Image (https://ibb.co/pZyJ74x) , but while configuring > the Advanced Network Configuration they asked me for a VLAN / VNI range and > I Put 150-200 as you can see on the physical network 1 image ( > https://ibb.co/BKnD79B) > > > Zone Details > > https://ibb.co/RpHz3pG > > > Physical Network 1 > > https://ibb.co/BKnD79B > > > Guest Traffic Type > > https://ibb.co/JC7MRW9 > > Management Traffic Type > > https://ibb.co/2Pg67D8 > > Public Traffic Type > > https://ibb.co/pZyJ74x > > https://ibb.co/X5cn2qm > > > > Storage Traffic Type > > https://ibb.co/PrxJBfN > > Console Proxy Details > > https://ibb.co/qkHFS4D > > > Thank you, > > Kind Regards, > > > > On Mon, May 24, 2021 at 9:36 AM Rohit Yadav <[email protected]> > wrote: > > > Hi Serge, > > > > Are you using VLAN 200 for your public IP range? You either need to fix > > your switches or remove the VLAN. Go to UI -> Zone -> physical network -> > > and check the IP range for public management traffic type. If that's the > > case, disable the zone and then destroy your systemvms and then remove > the > > IP range and readd the range with the VLAN untagged or blank. > > > > Regards. > > > > Regards, > > Rohit Yadav > > > > ________________________________ > > From: Serge Byishimo <[email protected]> > > Sent: Monday, May 24, 2021 12:58:42 PM > > To: [email protected] <[email protected]> > > Subject: Please Help ππΌππΌ > > > > Centos8 > > Cloudstack 4.15 > > > > System VMs are running and their Agent is UP, > > > > System VMs can ping the management server but the management server can > not > > ping any of the IPs of the System VMs, thus the web console is not > > accessible, > > > > Iβm thinking it is firewall rules on the System VM side that is causing > it, > > > > Any reasons why this is happening? > > > > ======== > > > > Console Proxy > > > > > > root@v-2-VM:~# > > root@v-2-VM:~# > > root@v-2-VM:~# /usr/local/cloud/systemvm/ssvm-check.sh > > ================================================ > > First DNS server is 8.8.8.8 > > PING 8.8.8.8 (8.8.8.8): 56 data bytes > > 64 bytes from 8.8.8.8: icmp_seq=0 ttl=113 time=29.581 ms > > 64 bytes from 8.8.8.8: icmp_seq=1 ttl=113 time=30.140 ms > > --- 8.8.8.8 ping statistics --- > > 2 packets transmitted, 2 packets received, 0% packet loss > > round-trip min/avg/max/stddev = 29.581/29.861/30.140/0.280 ms > > Good: Can ping DNS server > > ================================================ > > Good: DNS resolves cloudstack.apache.org > > ================================================ > > ERROR: NFS is not currently mounted > > Try manually mounting from inside the VM > > NFS server is 255.255.255.0 > > PING 255.255.255.0 (255.255.255.0): 56 data bytes > > --- 255.255.255.0 ping statistics --- > > 2 packets transmitted, 0 packets received, 100% packet loss > > WARNING: cannot ping nfs server > > routing table follows > > Kernel IP routing table > > Destination Gateway Genmask Flags Metric Ref Use > > Iface > > 0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 > > eth2 > > 8.8.4.4 192.168.1.1 255.255.255.255 UGH 0 0 0 > > eth1 > > 8.8.8.8 192.168.1.1 255.255.255.255 UGH 0 0 0 > > eth1 > > 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 > > eth0 > > 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 > > eth1 > > 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 > > eth2 > > ================================================ > > Management server is 192.168.1.8. Checking connectivity. > > Good: Can connect to management server 192.168.1.8 port 8250 > > ================================================ > > Good: Java process is running > > ================================================ > > Tests Complete. Look for ERROR or WARNING above. > > root@v-2-VM:~# > > > > > > > > > > > > root@v-2-VM:~# > > root@v-2-VM:~# iptables -nL > > Chain INPUT (policy DROP) > > target prot opt source destination > > ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 > > ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmptype 8 > > ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state > > RELATED,ESTABLISHED > > ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state > > RELATED,ESTABLISHED > > ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state > > RELATED,ESTABLISHED > > ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 > > ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW > > tcp > > dpt:3922 > > ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW > > tcp > > dpt:8001 > > ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW > > tcp > > dpt:8001 > > ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW > > tcp > > dpt:443 > > ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW > > tcp > > dpt:80 > > ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW > > tcp > > dpt:8080 > > ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 > > > > Chain FORWARD (policy DROP) > > target prot opt source destination > > > > Chain OUTPUT (policy ACCEPT) > > target prot opt source destination > > root@v-2-VM:~# > > root@v-2-VM:~# > > > > > > > > ================ > > > > Host Network Configuration > > > > > > [root@srvr2 byishimo]# > > [root@srvr2 byishimo]# ifconfig > > br-200: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500 > > ether c2:0e:f3:be:8b:14 txqueuelen 1000 (Ethernet) > > RX packets 0 bytes 0 (0.0 B) > > RX errors 0 dropped 0 overruns 0 frame 0 > > TX packets 0 bytes 0 (0.0 B) > > TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 > > > > brenp0s25-200: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 > > inet6 fe80::fc9c:5dff:fe6d:cd99 prefixlen 64 scopeid 0x20<link> > > ether d0:50:99:81:89:f5 txqueuelen 1000 (Ethernet) > > RX packets 151060 bytes 5159307 (4.9 MiB) > > RX errors 0 dropped 0 overruns 0 frame 0 > > TX packets 77 bytes 5606 (5.4 KiB) > > TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 > > > > cloud0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 > > inet 169.254.0.1 netmask 255.255.0.0 broadcast 0.0.0.0 > > inet6 fe80::c77:fbff:fe37:94cf prefixlen 64 scopeid 0x20<link> > > ether fe:00:a9:fe:10:72 txqueuelen 1000 (Ethernet) > > RX packets 50364 bytes 8410715 (8.0 MiB) > > RX errors 0 dropped 0 overruns 0 frame 0 > > TX packets 58434 bytes 8258165 (7.8 MiB) > > TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 > > > > cloudbr0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 > > inet 192.168.1.7 netmask 255.255.255.0 broadcast 192.168.1.255 > > inet6 fe80::d250:99ff:fe81:89f5 prefixlen 64 scopeid 0x20<link> > > ether d0:50:99:81:89:f5 txqueuelen 1000 (Ethernet) > > RX packets 1567172 bytes 12747824649 (11.8 GiB) > > RX errors 0 dropped 64945 overruns 0 frame 0 > > TX packets 1326109 bytes 6953807305 (6.4 GiB) > > TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 > > > > cloudbr1: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500 > > ether 66:99:75:20:97:e0 txqueuelen 1000 (Ethernet) > > RX packets 0 bytes 0 (0.0 B) > > RX errors 0 dropped 0 overruns 0 frame 0 > > TX packets 0 bytes 0 (0.0 B) > > TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 > > > > enp0s25: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 > > ether d0:50:99:81:89:f5 txqueuelen 1000 (Ethernet) > > RX packets 5929074 bytes 7781346038 (7.2 GiB) > > RX errors 0 dropped 0 overruns 0 frame 0 > > TX packets 2762147 bytes 249304086 (237.7 MiB) > > TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 > > device interrupt 20 memory 0xfb200000-fb220000 > > > > enp0s25.200: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 > > inet6 fe80::d250:99ff:fe81:89f5 prefixlen 64 scopeid 0x20<link> > > ether d0:50:99:81:89:f5 txqueuelen 1000 (Ethernet) > > RX packets 0 bytes 0 (0.0 B) > > RX errors 0 dropped 0 overruns 0 frame 0 > > TX packets 147973 bytes 6219514 (5.9 MiB) > > TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 > > > > enp3s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 > > inet6 fe80::6a05:caff:fec6:6e9d prefixlen 64 scopeid 0x20<link> > > ether 68:05:ca:c6:6e:9d txqueuelen 1000 (Ethernet) > > RX packets 277071 bytes 36652364 (34.9 MiB) > > RX errors 0 dropped 64965 overruns 0 frame 0 > > TX packets 1816 bytes 169340 (165.3 KiB) > > TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 > > device interrupt 18 memory 0xfb1c0000-fb1e0000 > > > > lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 > > inet 127.0.0.1 netmask 255.0.0.0 > > inet6 ::1 prefixlen 128 scopeid 0x10<host> > > loop txqueuelen 1000 (Local Loopback) > > RX packets 2869120 bytes 18627106481 (17.3 GiB) > > RX errors 0 dropped 0 overruns 0 frame 0 > > TX packets 2869120 bytes 18627106481 (17.3 GiB) > > TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 > > > > vnet0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 > > inet6 fe80::fc00:a9ff:fefe:1072 prefixlen 64 scopeid 0x20<link> > > ether fe:00:a9:fe:10:72 txqueuelen 1000 (Ethernet) > > RX packets 3020 bytes 433653 (423.4 KiB) > > RX errors 0 dropped 0 overruns 0 frame 0 > > TX packets 4909 bytes 328353 (320.6 KiB) > > TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 > > > > vnet1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 > > inet6 fe80::fc00:58ff:fe00:c prefixlen 64 scopeid 0x20<link> > > ether fe:00:58:00:00:0c txqueuelen 1000 (Ethernet) > > RX packets 35050 bytes 3465454 (3.3 MiB) > > RX errors 0 dropped 0 overruns 0 frame 0 > > TX packets 91298 bytes 6368355 (6.0 MiB) > > TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 > > > > vnet2: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 > > inet6 fe80::fc00:7dff:fe00:12 prefixlen 64 scopeid 0x20<link> > > ether fe:00:7d:00:00:12 txqueuelen 1000 (Ethernet) > > RX packets 9891 bytes 572274 (558.8 KiB) > > RX errors 0 dropped 0 overruns 0 frame 0 > > TX packets 68494 bytes 28588262 (27.2 MiB) > > TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 > > > > vnet3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 > > inet6 fe80::fc00:a9ff:fefe:d5d5 prefixlen 64 scopeid 0x20<link> > > ether fe:00:a9:fe:d5:d5 txqueuelen 1000 (Ethernet) > > RX packets 237 bytes 34056 (33.2 KiB) > > RX errors 0 dropped 0 overruns 0 frame 0 > > TX packets 1236 bytes 75604 (73.8 KiB) > > TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 > > > > vnet4: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 > > inet6 fe80::fc00:46ff:fe00:8 prefixlen 64 scopeid 0x20<link> > > ether fe:00:46:00:00:08 txqueuelen 1000 (Ethernet) > > RX packets 82835 bytes 3239704935 (3.0 GiB) > > RX errors 0 dropped 0 overruns 0 frame 0 > > TX packets 129702 bytes 1948268672 (1.8 GiB) > > TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 > > > > vnet5: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 > > inet6 fe80::fc00:5aff:fe00:11 prefixlen 64 scopeid 0x20<link> > > ether fe:00:5a:00:00:11 txqueuelen 1000 (Ethernet) > > RX packets 333471 bytes 19401455 (18.5 MiB) > > RX errors 0 dropped 0 overruns 0 frame 0 > > TX packets 573568 bytes 1495800481 (1.3 GiB) > > TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 > > > > vnet6: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 > > inet6 fe80::fc00:5dff:fe00:22 prefixlen 64 scopeid 0x20<link> > > ether fe:00:5d:00:00:22 txqueuelen 1000 (Ethernet) > > RX packets 36551 bytes 1535142 (1.4 MiB) > > RX errors 0 dropped 0 overruns 0 frame 0 > > TX packets 44 bytes 3176 (3.1 KiB) > > TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 > > > > vnet7: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 > > inet6 fe80::fc00:a9ff:fefe:c3e1 prefixlen 64 scopeid 0x20<link> > > ether fe:00:a9:fe:c3:e1 txqueuelen 1000 (Ethernet) > > RX packets 10143 bytes 1997181 (1.9 MiB) > > RX errors 0 dropped 0 overruns 0 frame 0 > > TX packets 11325 bytes 1899903 (1.8 MiB) > > TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 > > > > vnet8: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 > > inet6 fe80::fc00:12ff:fe00:21 prefixlen 64 scopeid 0x20<link> > > ether fe:00:12:00:00:21 txqueuelen 1000 (Ethernet) > > RX packets 909 bytes 298419 (291.4 KiB) > > RX errors 0 dropped 0 overruns 0 frame 0 > > TX packets 36585 bytes 1537926 (1.4 MiB) > > TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 > > > > [root@srvr2 byishimo]# > > [root@srvr2 byishimo]# > > [root@srvr2 byishimo]# > > [root@srvr2 byishimo]# route -n > > Kernel IP routing table > > Destination Gateway Genmask Flags Metric Ref Use > > Iface > > 0.0.0.0 192.168.1.1 0.0.0.0 UG 425 0 0 > > cloudbr0 > > 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 > > cloud0 > > 192.168.1.0 0.0.0.0 255.255.255.0 U 425 0 0 > > cloudbr0 > > [root@srvr2 byishimo]# > > [root@srvr2 byishimo]# > > [root@srvr2 byishimo]# ip link list > > 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode > > DEFAULT group default qlen 1000 > > link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 > > 2: enp0s25: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel > > master cloudbr0 state UP mode DEFAULT group default qlen 1000 > > link/ether d0:50:99:81:89:f5 brd ff:ff:ff:ff:ff:ff > > 3: enp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel > state > > UP mode DEFAULT group default qlen 1000 > > link/ether 68:05:ca:c6:6e:9d brd ff:ff:ff:ff:ff:ff > > 4: cloudbr1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue > > state DOWN mode DEFAULT group default qlen 1000 > > link/ether 66:99:75:20:97:e0 brd ff:ff:ff:ff:ff:ff > > 5: cloudbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue > state > > UP mode DEFAULT group default qlen 1000 > > link/ether d0:50:99:81:89:f5 brd ff:ff:ff:ff:ff:ff > > 6: br-200: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue > state > > DOWN mode DEFAULT group default qlen 1000 > > link/ether c2:0e:f3:be:8b:14 brd ff:ff:ff:ff:ff:ff > > 7: cloud0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state > > UP mode DEFAULT group default qlen 1000 > > link/ether fe:00:a9:fe:10:72 brd ff:ff:ff:ff:ff:ff > > 40: enp0s25.200@enp0s25: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 > qdisc > > noqueue master brenp0s25-200 state UP mode DEFAULT group default qlen > 1000 > > link/ether d0:50:99:81:89:f5 brd ff:ff:ff:ff:ff:ff > > 41: brenp0s25-200: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc > noqueue > > state UP mode DEFAULT group default qlen 1000 > > link/ether d0:50:99:81:89:f5 brd ff:ff:ff:ff:ff:ff > > 84: vnet0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel > master > > cloud0 state UNKNOWN mode DEFAULT group default qlen 1000 > > link/ether fe:00:a9:fe:10:72 brd ff:ff:ff:ff:ff:ff > > 85: vnet1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel > master > > cloudbr0 state UNKNOWN mode DEFAULT group default qlen 1000 > > link/ether fe:00:58:00:00:0c brd ff:ff:ff:ff:ff:ff > > 86: vnet2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel > master > > cloudbr0 state UNKNOWN mode DEFAULT group default qlen 1000 > > link/ether fe:00:7d:00:00:12 brd ff:ff:ff:ff:ff:ff > > 87: vnet3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel > master > > cloud0 state UNKNOWN mode DEFAULT group default qlen 1000 > > link/ether fe:00:a9:fe:d5:d5 brd ff:ff:ff:ff:ff:ff > > 88: vnet4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel > master > > cloudbr0 state UNKNOWN mode DEFAULT group default qlen 1000 > > link/ether fe:00:46:00:00:08 brd ff:ff:ff:ff:ff:ff > > 89: vnet5: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel > master > > cloudbr0 state UNKNOWN mode DEFAULT group default qlen 1000 > > link/ether fe:00:5a:00:00:11 brd ff:ff:ff:ff:ff:ff > > 90: vnet6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc htb master > > brenp0s25-200 state UNKNOWN mode DEFAULT group default qlen 1000 > > link/ether fe:00:5d:00:00:22 brd ff:ff:ff:ff:ff:ff > > 91: vnet7: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel > master > > cloud0 state UNKNOWN mode DEFAULT group default qlen 1000 > > link/ether fe:00:a9:fe:c3:e1 brd ff:ff:ff:ff:ff:ff > > 92: vnet8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc htb master > > brenp0s25-200 state UNKNOWN mode DEFAULT group default qlen 1000 > > link/ether fe:00:12:00:00:21 brd ff:ff:ff:ff:ff:ff > > [root@srvr2 byishimo]# > > > > > > > > > > -- > Byishimo Shema Serge > Kigali, Rwanda > Tel: +250 786 076 106 > www.serge.works > -- Andrija PaniΔ
