:05 AM, Maurice Lawler
wrote:
> Sorry...
>
> Could someone please remind me, the chain I would need to delete from
> ebtables to permit traversing of a secondary IP on a specified instance?
>
> == Output from Ebtables ==
>
> -A i-2-9-VM-in -s ! 6:2f:ca:0:0:c -j DROP
> -A
Sorry...Could someone please remind me, the chain I would need to delete from ebtables to permit traversing of a secondary IP on a specified instance? == Output from Ebtables ==-A i-2-9-VM-in -s ! 6:2f:ca:0:0:c -j DROP-A i-2-9-VM-in -p ARP -s ! 6:2f:ca:0:0:c -j DROP-A i-2-9-VM-in -p ARP --arp-mac
<<< text/html; CHARSET=US-ASCII: Unrecognized >>>
<<< text/html; CHARSET=US-ASCII: Unrecognized >>>
Maurice,
You need to change the below rule in eatables to work for secondary ips.
ebtables -t nat -A + vmchain_in + -p ARP --arp-ip-src ! + vm_ip + -j DROP
ebtables -t nat -A + vmchain_out + -p ARP --arp-ip-dst ! + vm_ip + -j DROP
updated to:
ebtables -t nat -A + vmchain_in
I don't remember exactly, but if you look at what IS allowed in the
ebtables output, this will show you example rules.
On Fri, Apr 19, 2013 at 2:20 PM, Maurice Lawler wrote:
> Great -- My ebtables rules are back in place. Now, how can I go about
> dropping the rule to allow a s
<<< text/html; CHARSET=US-ASCII: Unrecognized >>>
you can go back and disable security groups in the zone if you don't care
about the ebtables rules, or you can start up ebtables and then restart any
associated VMs through cloudstack. The rules are dynamic, so they're not
going to be saved anywhere on the host to be reinstated, they
to
> allow communication via second IP address.
>
>
> On Apr 18, 2013, at 10:34 PM, Maurice Lawler wrote:
>
>> Disregard, for now, I have disabled/removed ebtables as shown here:
>>
>> http://mail-archives.apache.org/mo
, I have disabled/removed ebtables as shown here:
>
> http://mail-archives.apache.org/mod_mbox/incubator-cloudstack-users/201302.mbox/%3cb1df26ecc0458748ac97cece2da98d41012fa47b6...@sjcpmailbox01.citrite.net%3E
>
>
> On Apr 18, 2013, at 11:28 PM, Maurice Lawler
10 matches
Mail list logo
