Sangeetha Hariharan created CLOUDSTACK-106:
----------------------------------------------
Summary: Inter Vlan - When Vms are deployed as part of VPC , all
egress traffic is blocked. It should be open for all egress traffic until first
egress rule is added.
Key: CLOUDSTACK-106
URL: https://issues.apache.org/jira/browse/CLOUDSTACK-106
Project: CloudStack
Issue Type: Bug
Environment: Tested with:
Git Revision: 03df2fa9dd45c938f72cd1866044b09d1b0cc978
Git URL: https://git-wip-us.apache.org/repos/asf/incubator-cloudstack.git
Inter Vlan - When Vms are deployed as part of VPC , all egress traffic is
blocked. Its should be open for all egress traffic until first egress rule is
added.
Steps to reproduce the problem:
Create a VPC.
Create few networks in this VPC.
Deploy few vms as part of this VPC.
>From with in these Vms , try to access any server like ping google.com
We are NOT allowed access.
Expected Behavior:
By default , It should be open for all egress traffic until first egress rule
is added.
root@r-10-ASF:/opt/cloud/bin# iptables-save | grep OUTBOUND
:ACL_OUTBOUND_eth2 - [0:0]
:ACL_OUTBOUND_eth3 - [0:0]
-A PREROUTING -s 10.1.1.0/24 ! -d 10.1.1.1/32 -i eth2 -m state --state NEW -j
ACL_OUTBOUND_eth2
-A PREROUTING -s 10.1.2.0/24 ! -d 10.1.2.1/32 -i eth3 -m state --state NEW -j
ACL_OUTBOUND_eth3
-A ACL_OUTBOUND_eth2 -j DROP
-A ACL_OUTBOUND_eth3 -j DROP
Reporter: Sangeetha Hariharan
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
