Hi Jeroen, Fair enough – happy to stand corrected if this is the case. If you can trace this back to a specific XS patch could you log a Jira ticket for it and provide details?
Regards, Dag Sonstebo Cloud Architect ShapeBlue From: Jeroen Keerl <[email protected]> Reply-To: "[email protected]" <[email protected]>, "[email protected]" <[email protected]> Date: Monday, 21 November 2016 at 13:27 To: "[email protected]" <[email protected]> Subject: AW: Firewall on xenserver Hi Dag, I've spent the last weeks doing some testing with CS4.9 and Xen 6.5 and I did not have this issue before. Only the last two tests (yesterday and last week) this behaviour popped up, both with clean Xen installations. Looking though the last hotfixes, this one might be the culprit, although this is rather a gut feeling. [email protected] www.shapeblue.com 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue -----Ursprüngliche Nachricht----- Von: Dag Sonstebo [mailto:[email protected]<mailto:[email protected]>] Gesendet: Montag, 21. November 2016 10:53 An: [email protected]<mailto:[email protected]> Betreff: Re: Firewall on xenserver Hi Ghait, This doesn’t sound like normal behavior for XenServer 6.5 under CloudStack – I’m not aware of any issues requiring the XS firewall to be modified. I would suggest rebuilding your hosts and re-add to CloudStack. With regards to OpenManage – I can see this does require some tweaking of firewalls (http://blog.hostduplex.com/2015/01/31/install-dell-openmanage-xenserver-6-5/ ) – but even this doesn’t require you to disable the firewall (this blog post suggests just adding a rule and restarting iptables). All in all my advice would be to troubleshoot and fix the underlying issue rather than disabling iptables – which could be a potential security issue. Regards, Dag Sonstebo Cloud Architect ShapeBlue On 21/11/2016, 09:39, "Ghaith Bannoura" <[email protected]<mailto:[email protected]>> wrote: The purpose for it as below : 1-the system VMs agent showing not running , after I stopped the firewall in xenservers its working normally 2-the instances accessible only when I stop the iptables from xenservers 2- I installed open manage in the servers (Manage hardware for Dell servers) that need changes from iptables ) I have advanced zone with ACS 4.8 and xenserver 6.5 Best Regards, EtQ, Inc. Ghaith Bannoura Senior System Administrator MCT, MCSE (Messaging, Server Infrastructure) MCSA (Windows Server 2008, 2012), MCP Phone: +9626-537-0923 Ext. 376 P [email protected]<mailto:[email protected]> G http://www.etq.com -----Original Message----- From: Dag Sonstebo [mailto:[email protected]<mailto:[email protected]>] Sent: Monday, November 21, 2016 11:05 AM To: [email protected]<mailto:[email protected]> Subject: Re: Firewall on xenserver Hi Ghait, Can you explain your rationale - i.e. what is the purpose of you changing XenServer firewall rules? Citrix seems to have a how-to article on https://support.citrix.com/article/CTX123930 . Regards, Dag Sonstebo Cloud Architect ShapeBlue On 21/11/2016, 08:14, "Ghaith Bannoura" <[email protected]<mailto:[email protected]>> wrote: Hello All, I have ACS 4.8 with xenserver 6.5 I modified the iptables in xenserver and its returned back as default , also I stopped the iptables many times and its returned running again . Can you please advice where I can modify iptables permanently in xenserver . Best Regards, EtQ, Inc. Ghaith Bannoura Senior System Administrator MCT, MCSE (Messaging, Server Infrastructure) MCSA (Windows Server 2008, 2012), MCP * Phone: +9626-537-0923 Ext. 376 * [email protected]<mailto:[email protected]> <mailto:[email protected]<mailto:[email protected]>> * http://www.etq.com<http://www.etq.com/> [email protected]<mailto:[email protected]> www.shapeblue.com<http://www.shapeblue.com> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue [email protected]<mailto:[email protected]> www.shapeblue.com<http://www.shapeblue.com> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue Jeroen Keerl Keerl IT Services GmbH Birkenstraße 1b . 21521 Aumühle +49 177 6320 317 www.keerl-it.com<http://www.keerl-it.com/> [email protected]<mailto:[email protected]> Geschäftsführer. Jacobus J. Keerl Registergericht Lubeck. HRB-Nr. 14511 Unsere Allgemeine Geschäftsbedingungen finden Sie hier.<http://www.keerl-it.com/AGB.pdf> [cid:d3544f14.06fb964e.PNG.2d8c1e66]
