Hi Tilak,

Thanks for your kind response. I am using shared networking, not isolated, and I see no option of defining an egress rule there.

Also, every time I create a guest, it appears that CloudStack is not creating the vnet interface on the cloudbr0 bridge - rather, it's creating another bridge interface on eth0 and then creating the vnet. Maybe because of the VLAN defined. But I wonder how to get the network interface on cloudbr0.

Thanks again.

Best Regards
Papu Bhattacharya
CEO- PTR Technologies
http://www.ptrsoft.com
91-9963111687

----- Original Message -----
From: "Tilak Raj Singh" <[email protected]>
To: [email protected]
Sent: Wednesday, December 3, 2014 6:05:06 AM
Subject: Re: Can't ping/ssh any guest from a laptop attached in same vlan - guests can talk wth each other though

Try adding ingress rules in your security group from the CloudStack UI... incoming traffic is disabled by default on virtual machines...

Rules to be added:

TCP start port 0 end port 65535 cidr 0.0.0.0/0
UDP start port 0 end port 65535 cidr 0.0.0.0/0

For ping, allow ICMP too:

ICMP icmp type -1 icmp code -1 cidr 0.0.0.0/0

Regards

On Tue, Dec 2, 2014 at 10:20 PM, papu bhattcharaya <[email protected]> wrote:
> Hi, (sending same mail with attachment image - seems the earlier mail's image was
> not attached),
> I am using CloudStack (4.4.1) with a KVM host. I have an L3 switch -
> partitioned into 4 vlans:
> public (CIDR:-192.168.1.0/24)
> guest vlan (CIDR:-10.0.0.0/24)
> management vlan (CIDR:-10.0.1.0/24)
> storage vlan (CIDR:-10.0.2.0/24)
>
> I have a KVM host with four physical NICs that are connected in the switch, and
> each NIC is connected in a different vlan.
> I have created a bridge over each physical NIC:-
> Cloudbr0:-ip address:-10.0.0.24 (connected on the port of the switch
> belonging to guest vlan)
> Cloudbr1:-ip address:-10.0.1.24 (connected on the port of the switch
> belonging to management vlan)
> Cloudbr2:-ip address:-10.0.2.24 (connected on the port of the switch
> belonging to storage vlan)
> Cloudbr3:-ip address:-192.168.1.24 (connected on the port of the switch
> belonging to public vlan)
>
> I have a physical machine with four NICs; CloudStack management is
> installed on it and the four NICs are connected in the four vlans with IPs.
> =>I have created a zone with advanced networking and everything has been a
> success so far.
>
> When I created two instances (guests) on the KVM host, I can ping these
> instances with each other (guest1/guest2),
> i.e.
> Instance1:-ip address:-10.0.0.90
> Instance2:-ip address:-10.0.0.91
> Virtual router:-ip address:-10.0.0.4
> Now when I tried to ping/ssh the guest from a laptop attached in the same
> vlan (guest vlan), I can’t ping guests.
> From the laptop, I can ping 10.0.0.24 (my cloudbr0 ip – in KVM host
> machine), but can't ping/ssh any guest.
> There are no firewall issues - I checked.
>
> I have attached a network diagram also for better understanding of issues.
>
> Could you please help me so that I can ping/ssh to any guest from any
> machine in guest vlan.
> Thanks in advance
>
> Best Regards
> Papu Bhattacharya
> CEO- PTR Technologies
> http://www.ptrsoft.com
> 91-9963111687
>
> ----- Original Message -----
> From: "papu bhattcharaya" <[email protected]>
> To: [email protected]
> Sent: Tuesday, December 2, 2014 10:15:30 PM
> Subject: Fwd: Can't ping/ssh any guest from a laptop attached in same
> vlan - guests can talk wth each other though
>
> ----- Forwarded Message -----
> From: "papu bhattcharaya" <[email protected]>
> To: [email protected]
> Sent: Tuesday, December 2, 2014 10:05:11 PM
> Subject: Can't ping/ssh any guest from a laptop attached in same vlan -
> guests can talk wth each other though
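
Added example, not part of the original thread and not CloudStack project code: the security-group ingress rules discussed in the reply, expressed as signed CloudStack API queries for authorizeSecurityGroupIngress. It assumes a narrower scope than the reply suggests (SSH and ICMP echo from the guest VLAN CIDR 10.0.0.0/24 only); the group name "default", the credentials and the /client/api path are placeholders or assumptions.

```python
import base64
import hashlib
import hmac
from urllib.parse import quote

GUEST_CIDR = "10.0.0.0/24"  # guest VLAN CIDR quoted in the thread


def ingress_rules(cidr=GUEST_CIDR):
    """Rules that let hosts in `cidr` ping and SSH to guests (assumed scope)."""
    return [
        {"protocol": "TCP", "startport": 22, "endport": 22, "cidrlist": cidr},
        # ICMP type 8 / code 0 is echo request; -1/-1 would allow every ICMP type.
        {"protocol": "ICMP", "icmptype": 8, "icmpcode": 0, "cidrlist": cidr},
    ]


def signed_query(params, api_key, secret_key):
    """Build a CloudStack API query string and append its HMAC-SHA1 signature."""
    params = dict(params, apikey=api_key, response="json")
    pairs = sorted(((k, quote(str(v), safe="")) for k, v in params.items()),
                   key=lambda kv: kv[0].lower())
    query = "&".join(f"{k}={v}" for k, v in pairs)
    # CloudStack signs the lower-cased, name-sorted query string.
    digest = hmac.new(secret_key.encode(), query.lower().encode(),
                      hashlib.sha1).digest()
    return query + "&signature=" + quote(base64.b64encode(digest).decode(), safe="")


def ingress_requests(group_name, api_key, secret_key, cidr=GUEST_CIDR):
    """One signed authorizeSecurityGroupIngress query per rule."""
    return [
        signed_query({"command": "authorizeSecurityGroupIngress",
                      "securitygroupname": group_name, **rule},
                     api_key, secret_key)
        for rule in ingress_rules(cidr)
    ]


if __name__ == "__main__":
    # Placeholder credentials and group name; /client/api is the assumed API path.
    for q in ingress_requests("default", "EXAMPLE_API_KEY", "EXAMPLE_SECRET"):
        print("/client/api?" + q)
```

Passing a different cidr to ingress_requests changes the source range; the rules only take effect on zones and networks where security groups are enabled.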
