web2.stage.bugs.scl3.mozilla.com requires access to http, https and smtp

RESOLVED FIXED

Status

P1
normal
RESOLVED FIXED
7 years ago
5 years ago

People

(Reporter: glob, Assigned: cransom)

Tracking

Details

(Reporter)

Description

7 years ago
since bugzilla-stage-tip was moved from sjc to scl3, it is no longer able to access the internet.

[bjones@web2 ~]$ hostname
web2.stage.bugs.scl3.mozilla.com
[bjones@web2 ~]$ telnet glob.com.au 80
Trying 110.173.227.153...
<timeout>

please allow web2.stage.bugs.scl3.mozilla.com to establish outgoing connections on :80, :443 and :25.

thanks
(Reporter)

Updated

7 years ago
Blocks: 719441
(Reporter)

Updated

7 years ago
Blocks: 729992
(Reporter)

Updated

7 years ago
Blocks: 706184
No longer blocks: 729992

Updated

7 years ago
Severity: major → normal
Priority: -- → P1
(Assignee)

Comment 1

7 years ago
what kind of mail is web2 sending? we'll need to add specific static nat if this is user generated so that we don't end up black listing other ips.
Component: Server Operations: Netops → Server Operations: ACL Request
(In reply to casey ransom [:casey] from comment #1)
> what kind of mail is web2 sending? we'll need to add specific static nat if
> this is user generated so that we don't end up black listing other ips.

Similar mail to production bugzilla.mozilla.org. So the setup needs to be similar to production and be able to deliver email to the appropriate relay for testing purposes.

dkl
(Assignee)

Updated

7 years ago
Assignee: network-operations → cransom
(Assignee)

Comment 3

7 years ago
I added flows and a stage.bugs appropriate source NAT address. I'm assuming the appropriate relay you mention is an internet host rather than something internal as I don't see anything specific in phx1 for mail relay from bugzilla (but it might get inherited from other blanket rules), let me know if not the case.
[root@web2 ~]# curl ip.hubns.net/?raw
63.245.214.160
[root@web2 ~]# nc -vz mail.hubns.net 25
Connection to mail.hubns.net 25 port [tcp/smtp] succeeded!
(443 also works)
Status: NEW → RESOLVED
Last Resolved: 7 years ago
Resolution: --- → FIXED
Product: mozilla.org → Infrastructure & Operations
You need to log in before you can comment on or make changes to this bug.