Closed Bug 743816 Opened 13 years ago Closed 13 years ago

ACL migration for dm-sumotools01

Categories

(Infrastructure & Operations Graveyard :: NetOps: DC ACL Request, task)

Product:
Infrastructure & Operations Graveyard
Component:
NetOps: DC ACL Request
Platform:
x86
macOS
Type:
task
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: cshields, Assigned: cransom)

Details

dm-sumotools01 is being moved from sjc1 to scl3 as we speak. Its former IP was 10.2.74.133 and new IP (being moved to the webapp vlan) will be 10.22.81.131 I'm not sure what flows (if any) need to be made here but I'm sure that access from mpt-vpn will be one. Any others that you can find and reproduce in the new location would help a lot.
i didn't see any specific, active flows for that host: fcore1# show access-list | inc 10.2.74.133 access-list into-db line 26 extended permit tcp host 10.2.74.133 host 10.2.70.130 eq 3306 (hitcnt=0) 0xfe72912b access-list into-db line 27 extended permit tcp host 10.2.74.133 host 10.2.70.131 eq 3306 (hitcnt=0) 0x2cc03d03 so I've only added cm-vpn01 access for it.
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
Assignee: network-operations → cransom
So, we moved the dbs for 10.2.70.130/.131 today to SCL3, and bringing them up with local VIPs there. Can we open flows for 10.22.81.131 to these new db VIPs? 10.22.81.131 -> 10.22.70.62:3306 10.22.81.131 -> 10.22.70.63:3306
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
+ policy stage-vip-mysql { + match { + source-address sumotools1; + destination-address [ stage-rw-vip stage-ro-vip ]; + application mysql; + } + then { + permit; + } + }
Status: REOPENED → RESOLVED
Closed: 13 years ago13 years ago
Resolution: --- → FIXED
Product: mozilla.org → Infrastructure & Operations
Product: Infrastructure & Operations → Infrastructure & Operations Graveyard
You need to log in before you can comment on or make changes to this bug.