Commit 3999f22e authored by Leigh Stoller's avatar Leigh Stoller

Add iptables rule to for packets to boss since boss is not in

the control network, and the packets were getting nat'ed.
parent 6844f77c
......@@ -1456,6 +1456,13 @@ sub vz_vnodePreConfigControlNetwork {
system("$IPTABLES -t nat -A POSTROUTING" .
" -s $net/$mask" .
" -d $cnetwork/$cnetmask -j ACCEPT") ||
# Same as above, but specific rule for boss which might be on
# a distinct segment, as it is in Utah.
system("$IPTABLES -t nat -A POSTROUTING" .
" -s $net/$mask" .
" -d $bossip -j ACCEPT") ||
# Then if the source is from one vnode to another vnode, also
# let that through without NAT'ing it.
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment