Il 13/03/2014 21:00, Chloride Cull ha scritto: > Ah, yes, forgot about iptables. I added ACCEPT for 5000-5010 and it > seems to work. Thanks.
can you tell why 5000-5010 port range? After a clean AIO setup that range is not open: # Generated by iptables-save v1.4.18 on Fri Mar 14 11:01:52 2014 *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [37952:11472658] -A INPUT -i lo -j ACCEPT -A INPUT -p icmp -m icmp --icmp-type any -j ACCEPT -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 5432 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 5900:6923 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 49152:49216 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 6100 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 111 -j ACCEPT -A INPUT -p udp -m state --state NEW -m udp --dport 111 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 662 -j ACCEPT -A INPUT -p udp -m state --state NEW -m udp --dport 662 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 875 -j ACCEPT -A INPUT -p udp -m state --state NEW -m udp --dport 875 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 892 -j ACCEPT -A INPUT -p udp -m state --state NEW -m udp --dport 892 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 2049 -j ACCEPT -A INPUT -p udp -m state --state NEW -m udp --dport 32769 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 32803 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT -A INPUT -j REJECT --reject-with icmp-host-prohibited COMMIT # Completed on Fri Mar 14 11:01:52 2014 We can add that range to AIO setup, just want to understand why it's needed. > > On 2014-03-13 18:14, Bob Doolittle wrote: >> Try disabling firewalld and/or iptables. >> On Mar 13, 2014 1:08 PM, "Chloride Cull" <[email protected]> wrote: >> >>> So, I've finally managed to set up an all-in-one setup on a CentOS box. >>> Issue is, I can't connect to any running VMs, connecting to the console >>> works. After some headaches, I've found that VNC just fails, while Spice >>> says that there is no route to the host. Thinking it was just that it >>> disregarded /etc/hosts, I setup dnsmasq. Still got issues. >>> >>> dig shows it resolves, tracepath shows a path and ping gets replies. >>> (see <http://pastebin.com/raw.php?i=qWy8RnA6>) >>> >>> Have anyone here had similar issues? How did you do to fix it? >>> >>> _______________________________________________ >>> Users mailing list >>> [email protected] >>> http://lists.ovirt.org/mailman/listinfo/users >>> >> > > _______________________________________________ > Users mailing list > [email protected] > http://lists.ovirt.org/mailman/listinfo/users > -- Sandro Bonazzola Better technology. Faster innovation. Powered by community collaboration. See how it works at redhat.com _______________________________________________ Users mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/users
