Adding a third IP works fine for me after deleting the DROP rules for non-CloudStack IPs.
Best regards, Kirk On 04/04/2013 06:46 PM, Maurice Lawler wrote: > Actually, I disabled ebtables. That seemed to clear the issue. However, > what is the proper way to add yet another IP address; when ebtables is > online. > > - Maurice > > On Apr 04, 2013, at 09:39 PM, Maurice Lawler <[email protected]> wrote: > >> One more thing, >> >> Your assistance was great, let me ask you this. I wanted to test to >> see how far I can push this. While I was able to have one primary IP >> addressed assigned by Cloud Stack and working with the ebtables I was >> then able to add a secondary IP address; however, adding a third IP >> address as I did the secondary IP address however, it fails; why is this? >> >> >> >> On Apr 04, 2013, at 09:30 PM, Maurice Lawler <[email protected]> >> wrote: >> >>> Kirk, >>> >>> THANK YOU THANK YOU THANK YOU ! >>> >>> That worked PERFECTLY !!!! >>> >>> Appreciate your help GREATLY! >>> >>> >>> Now if you or ANYONE can assist, a windows instance -- attaching a >>> secondary virtual drive on it; I was given an exe and an ISO to >>> install drivers; but I am not 100% >>> >>> - Maurice >>> >>> On Apr 04, 2013, at 07:14 PM, Kirk Kosinski <[email protected]> >>> wrote: >>> >>>> Hi, Maurice. The message you linked is about XenServer and not >>>> applicable to KVM. One of the main purposes of security groups is to >>>> prohibit exactly what you are trying to do. You may want to use a basic >>>> zone without security groups if you routinely need to bypass their >>>> functionality, or use an advanced zone to get full support for using >>>> multiple guest networks, or wait for official support for multiple IPs >>>> per NIC which seems to be coming in CloudStack 4.2 [1]. >>>> >>>> Anyway if this is a one-off case, one solution that seems to work is to >>>> delete the ebtables DROP rules on the host for IPs not assigned to the >>>> VM by CloudStack. There are inbound and outbound chains in the nat >>>> table for each VM. For example, list the rules: >>>> >>>> ebtables -t nat -L i-2-3-VM-in --Ln >>>> >>>> And delete the DROP rule for the IP: >>>> >>>> ebtables -t nat -D i-2-3-VM-in 4 >>>> >>>> Do the same for the i-2-3-VM-out chain, and redo these steps any time >>>> the VM migrates to a different host or is stopped and started. If you >>>> generally want to use security groups but don't mind if VMs use >>>> additional IPs, it should be possible to hack security_group.py on the >>>> hosts to prevent the DROP rules from being created in the first place. >>>> >>>> Best regards, >>>> Kirk >>>> >>>> [1] https://issues.apache.org/jira/browse/CLOUDSTACK-24 >>>> >>>> On 04/04/2013 01:23 PM, Maurice Lawler wrote: >>>> > Hello Kirk, >>>> > >>>> > Yes, I am; the default security group settings in the basic mode. >>>> > >>>> > >>>> > >>>> > On Apr 04, 2013, at 04:06 PM, Kirk Kosinski >>>> <[email protected] <mailto:[email protected]>> wrote: >>>> > >>>> >> Are you using security groups in your basic zone? >>>> >> >>>> >> Kirk >>>> >> >>>> >> On 04/04/2013 10:23 AM, Maurice Lawler wrote: >>>> >> > Hello, >>>> >> > >>>> >> > >>>> >> > Thank you so very much for the replies. I am using Basic Zone right >>>> >> now and yes, I would like the ability to assign a secondary IP >>>> address >>>> >> to any instance (should the instances I a hosting request them) at >>>> >> this point one has requested a secondary IP address. >>>> >> > >>>> >> > So the previous response, would that work in basic mode, how should >>>> >> I proceed? >>>> >> > >>>> >> > - Maurice >>>> >> > >>>> >> > >>>> >> > On Apr 4, 2013, at 10:29 AM, Ahmad Emneina <[email protected] >>>> <mailto:[email protected]> >>>> >> <mailto:[email protected] <mailto:[email protected]>>> wrote: >>>> >> > >>>> >> >> Dropping -dev as to not cross post. Just to clear things up... >>>> >> >> Maurice: this is for guests to have multiple ip's in a vm, right? >>>> >> Would these ip's be on the same subnet or a different network. I >>>> think >>>> >> Chiradeep posted a way to technically get around this. Also for >>>> >> further clarification, what cloudstack zone type are you working >>>> with? >>>> >> >> >>>> >> >> Ahmad >>>> >> >> >>>> >> >> On Apr 3, 2013, at 9:36 PM, Maurice Lawler >>>> <[email protected] <mailto:[email protected]> >>>> >> <mailto:[email protected] <mailto:[email protected]>>> wrote: >>>> >> >> >>>> >> >>> Hello Cloud Stack Family, >>>> >> >>> >>>> >> >>> >>>> >> >>> I have attempted to the best of my ability to set this up. I have >>>> >> an instance (actually two) I would like to toss one additional IP >>>> >> address to two different instances. Cloud Stack 4.0.1 is proving >>>> to be >>>> >> rather difficult to accomplish this in. >>>> >> >>> >>>> >> >>> Here is my set-up: >>>> >> >>> >>>> >> >>> Single Server | CentOS 6.3 | KVM | CS 4.0.1 >>>> >> >>> >>>> >> >>> Yesterday, I was provided a helpful link: >>>> >> http://markmail.org/message/bt7pqnen26v2o63k >>>> >> >>> >>>> >> >>> However, I am not making much sense out of that. >>>> >> >>> >>>> >> >>> If ANYONE has ANY experience adding a secondary IP address -- >>>> >> please feel free to rescue me from the quick sand I am slowly >>>> sinking in! >>>> >> >>> >>>> >> >>> I would greatly appreciate any and ALL help! >>>> >> >>> >>>> >> >>> Thanks again! >>>> >> >>> >>>> >> >>> - Maurice (aka: daoenix) >>>> >> >
