cloudstack-users mailing list archives

From Michael Phillips <mphilli7...@hotmail.com>
Subject One last hurdle
Date Sun, 23 Feb 2014 00:37:45 GMT



I am almost there to having a working config with advanced network on vSphere 5.1.
So I am using a pretty basic advanced network zone using VLAN for isolation. Details are below:
Public range = x.x.233.0/24
Guest cidr = 10.1.1.0/24
VLAN range = 400-405

1. I create an instance of the default CentOS 5.3 template, choosing to create an isolated network based on "DefaultIsolatedNetworkOfferingWithSourceNatService".
2. The system spawns a system router.
3. The system spawns the guest VM.
4. The router is made a part of the public VLAN 233 and the isolated VLAN 400.
5. The guest VM is made a part of the isolated VLAN 400.
6. The router is assigned an IP address on the isolated network of 10.1.1.1. The router is able to get out to the internet fine, and is able to ping the guest instance.
7. The guest is assigned an IP address on the isolated network. The guest VM is able to ping the router.
Network Topology would look as follows:
guestvm ---> system router ---> firewall ---> router ---> internet
Up to this point everything LOOKS perfect...BUT...my guest VM is not able to get out to the internet.
At first I thought my problem might be with the hop after the system router, which is my firewall. So what I did was to imitate what CS is doing, but with Windows machines. Basically I spawned two machines, one which acted as a guest VM, the other to act as a system router. On the Windows box, with which I simulated the system router, I enabled Routing and Remote Access to enable NAT. In this configuration the guest VM was able to use the simulated system router and browse the internet just fine. The test topology would look as follows:
guest vm ---> simulated router running windows and NAT ---> firewall ---> router ---> internet
So this leads me to believe that something is wrong with the system router and how it is NAT'ing.
Up to this point I have tried the default network service "DefaultIsolatedNetworkOfferingWithSourceNatService" and created a new network offering using DNS, DHCP, and SourceNAT.
I think once I get past this hurdle I will be good to go....any help is hugely appreciated!!




 		 	   		  