Bug 2229947

Summary: [Azure][ARM64][RHEL9] IP forward fails SSH
Product: Red Hat Enterprise Linux 9 Reporter: Li Tian <litian>
Component: kernelAssignee: Virtualization Maintenance <virt-maint>
kernel sub component: Hyper-V QA Contact: Li Tian <litian>
Status: CLOSED NOTABUG Docs Contact:
Severity: unspecified    
Priority: unspecified CC: andavis, bdas, virt-maint, xuli, yacao, yuxisun
Version: 9.3   
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 2229935 Environment:
Last Closed: 2023-08-09 01:44:54 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2229935    
Bug Blocks:    

Description Li Tian 2023-08-08 09:15:04 UTC 
+++ This bug was initially created as a clone of Bug #2229935 +++

Description of problem:
After enabling IP forward functionality, VMs can only ping each other but not SSH or do iperf3 tests. This happens on both ARM64 RHEL 8.9 and RHEL 9.3.

Version-Release number of selected component (if applicable):
4.18.0-506.el8.aarch64
5.14.0-347.el9.aarch64

How reproducible:
100%

Steps to Reproduce:
Polarion test case - https://polarion.engineering.redhat.com/polarion/#/project/RHELVIRT/workitem?id=RHEL-196234
OR follow steps in previously reported bug -
https://bugzilla.redhat.com/show_bug.cgi?id=1898280#c6
SSH from 'sender' VM to 'receiver' VM, or vice versa. Use iperf3 to send/receive traffic.

Actual results:
Neither SSH or iperf3 can find the destination address. But ping is okay (less than 10ms delay).

Expected results:
Should be able to SSH and do iperf3

Additional info:
Issue does not present on x86_64 RHEL 8.9 or 9.3.
Comment 1 Li Tian 2023-08-09 01:44:54 UTC 
We forgot to disable firewalld in ARM64 image and caused this. Sorry. False alarm.