Re: [Rdo-list] http server problem with openstack

New iptables -nL (for computer B) Chain INPUT (policy ACCEPT) target prot opt source destination ACCEPT tcp -- 192.168.0.20 0.0.0.0/0 multiport dports 5671,5672 /* 001 amqp incoming amqp_192.168.0.20 */ ACCEPT tcp -- 192.168.0.19 0.0.0.0/0 multiport dports 5666 /* 001 nagios-nrpe incoming nagios_nrpe */ ACCEPT udp -- 192.168.0.19 0.0.0.0/0 multiport dports 4789 /* 001 neutron tunnel port incoming neutron_tunnel_192.168.0.20_192.168.0.19 */ ACCEPT tcp -- 192.168.0.19 0.0.0.0/0 multiport dports 5900:5999 /* 001 nova compute incoming nova_compute */ ACCEPT tcp -- 192.168.0.20 0.0.0.0/0 multiport dports 16509,49152:49215 /* 001 nova qemu migration incoming nova_qemu_migration_192.168.0.20_192.168.0.20 */ ACCEPT tcp -- 192.168.0.21 0.0.0.0/0 multiport dports 16509,49152:49215 /* 001 nova qemu migration incoming nova_qemu_migration_192.168.0.20_192.168.0.21 */ ACCEPT tcp -- 192.168.0.22 0.0.0.0/0 multiport dports 16509,49152:49215 /* 001 nova qemu migration incoming nova_qemu_migration_192.168.0.20_192.168.0.22 */ ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:53 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:67 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:67 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited Chain FORWARD (policy ACCEPT) target prot opt source destination ACCEPT all -- 0.0.0.0/0 192.168.122.0/24 ctstate RELATED,ESTABLISHED ACCEPT all -- 192.168.122.0/24 0.0.0.0/0 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited Chain OUTPUT (policy ACCEPT) target prot opt source destination One more question, I'm on Centos7 using openstack juno: When starting firewalld, (service firewalld start) iptable stopped. Similarly, when iptables starts (service iptables start), firewalld gets stopped. On Sat, Mar 28, 2015 at 7:49 PM, Vedsar Kushwaha <vedsarkushwaha(a)gmail.com&gt; wrote: > > I'm using curl to access to the HTTPSEEVER. > > python -m SimpleHTTPServer 30001 > > > iptables -nL > > target prot opt source destination > ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ctstate > RELATED,ESTABLISHED > ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 > INPUT_direct all -- 0.0.0.0/0 0.0.0.0/0 > INPUT_ZONES_SOURCE all -- 0.0.0.0/0 0.0.0.0/0 > INPUT_ZONES all -- 0.0.0.0/0 0.0.0.0/0 > ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 > REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with > icmp-host-prohibited > > Chain FORWARD (policy ACCEPT) > target prot opt source destination > ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ctstate > RELATED,ESTABLISHED > ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 > FORWARD_direct all -- 0.0.0.0/0 0.0.0.0/0 > FORWARD_IN_ZONES_SOURCE all -- 0.0.0.0/0 0.0.0.0/0 > FORWARD_IN_ZONES all -- 0.0.0.0/0 0.0.0.0/0 > FORWARD_OUT_ZONES_SOURCE all -- 0.0.0.0/0 0.0.0.0/0 > FORWARD_OUT_ZONES all -- 0.0.0.0/0 0.0.0.0/0 > ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 > REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with > icmp-host-prohibited > > Chain OUTPUT (policy ACCEPT) > target prot opt source destination > OUTPUT_direct all -- 0.0.0.0/0 0.0.0.0/0 > > Chain FORWARD_IN_ZONES (1 references) > target prot opt source destination > FWDI_public all -- 0.0.0.0/0 0.0.0.0/0 [goto] > FWDI_public all -- 0.0.0.0/0 0.0.0.0/0 [goto] > > Chain FORWARD_IN_ZONES_SOURCE (1 references) > target prot opt source destination > > Chain FORWARD_OUT_ZONES (1 references) > target prot opt source destination > FWDO_public all -- 0.0.0.0/0 0.0.0.0/0 [goto] > FWDO_public all -- 0.0.0.0/0 0.0.0.0/0 [goto] > > Chain FORWARD_OUT_ZONES_SOURCE (1 references) > target prot opt source destination > > Chain FORWARD_direct (1 references) > target prot opt source destination > > Chain FWDI_public (2 references) > target prot opt source destination > FWDI_public_log all -- 0.0.0.0/0 0.0.0.0/0 > FWDI_public_deny all -- 0.0.0.0/0 0.0.0.0/0 > FWDI_public_allow all -- 0.0.0.0/0 0.0.0.0/0 > > Chain FWDI_public_allow (1 references) > target prot opt source destination > > Chain FWDI_public_deny (1 references) > target prot opt source destination > > Chain FWDI_public_log (1 references) > target prot opt source destination > > Chain FWDO_public (2 references) > target prot opt source destination > FWDO_public_log all -- 0.0.0.0/0 0.0.0.0/0 > FWDO_public_deny all -- 0.0.0.0/0 0.0.0.0/0 > FWDO_public_allow all -- 0.0.0.0/0 0.0.0.0/0 > > Chain FWDO_public_allow (1 references) > target prot opt source destination > > Chain FWDO_public_deny (1 references) > target prot opt source destination > > Chain FWDO_public_log (1 references) > target prot opt source destination > > Chain INPUT_ZONES (1 references) > target prot opt source destination > IN_public all -- 0.0.0.0/0 0.0.0.0/0 [goto] > IN_public all -- 0.0.0.0/0 0.0.0.0/0 [goto] > > Chain INPUT_ZONES_SOURCE (1 references) > target prot opt source destination > > Chain INPUT_direct (1 references) > target prot opt source destination > > Chain IN_public (2 references) > target prot opt source destination > IN_public_log all -- 0.0.0.0/0 0.0.0.0/0 > IN_public_deny all -- 0.0.0.0/0 0.0.0.0/0 > IN_public_allow all -- 0.0.0.0/0 0.0.0.0/0 > > Chain IN_public_allow (1 references) > target prot opt source destination > ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 > ctstate NEW > > Chain IN_public_deny (1 references) > target prot opt source destination > > Chain IN_public_log (1 references) > target prot opt source destination > > Chain OUTPUT_direct (1 references) > target prot opt source destination > > On Sat, Mar 28, 2015 at 6:57 PM, Marius Cornea <marius(a)remote-lab.net&gt; > wrote: >> >> iptables -nL ? >> >> Also it's not clear to me when you get the 'No route to host' message. >> How are you trying to access it? >> >> On Sat, Mar 28, 2015 at 2:23 PM, Vedsar Kushwaha >> <vedsarkushwaha(a)gmail.com&gt; wrote: >> > firewall is disable on all computers :) >> > >> > Redirecting to /bin/systemctl status firewalld.service >> > firewalld.service - firewalld - dynamic firewall daemon >> > Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled) >> > Active: inactive (dead) >> > >> > >> > On Sat, Mar 28, 2015 at 6:35 PM, Marius Cornea <marius(a)remote-lab.net&gt; >> > wrote: >> >> >> >> Hi, >> >> >> >> It sounds to me like a firewall issue. Please check the firewall rules >> >> on computer B and make sure you allow HTTP access from the clients. >> >> >> >> Tnx, >> >> Marius >> >> >> >> On Sat, Mar 28, 2015 at 1:43 PM, Vedsar Kushwaha >> >> <vedsarkushwaha(a)gmail.com&gt; wrote: >> >> > I installed openstack --allinone on one computer (Say A). >> >> > >> >> > Then, I added two more compute nodes(Say B and C) on this. >> >> > >> >> > Everything is working fine. >> >> > >> >> > But now, for some other reason I want to start HTTPServer on >> >> > computer B >> >> > and >> >> > access it from computer X and Y which are different from A,B & C. >> >> > >> >> > Now after running HTTPServer on computer B, I'm not able to access >> >> > it >> >> > from >> >> > computer X and Y. >> >> > Giving Error 'No route to host' >> >> > >> >> > Although from computer B, I can access HTTPServer of computer B. >> >> > >> >> > >> >> > Please help. >> >> > >> >> > -- >> >> > Vedsar Kushwaha >> >> > M.Tech-Computational Science >> >> > Indian Institute of Science >> >> > >> >> > _______________________________________________ >> >> > Rdo-list mailing list >> >> > Rdo-list(a)redhat.com >> >> > https://www.redhat.com/mailman/listinfo/rdo-list >> >> > >> >> > To unsubscribe: rdo-list-unsubscribe(a)redhat.com >> > >> > >> > >> > >> > -- >> > Vedsar Kushwaha >> > M.Tech-Computational Science >> > Indian Institute of Science > > > > > -- > Vedsar Kushwaha > M.Tech-Computational Science > Indian Institute of Science -- Vedsar Kushwaha M.Tech-Computational Science Indian Institute of Science