[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] 3.4.x networking



On Sunday 13 September 2009 14:46:26 Pasi Kärkkäinen wrote:
> > I know it says the error is with vif-bridge, but that's stock, so I don't
> > know what could be wrong with it. I dont get these errors witht he Xen
> > 3.3.1 and Kernel i mentioned earlier.
> 
> Did you diff vif-bridge script between xen 3.3.1 and xen 3.4.1 versions? 
> What are the differences? 
> 
> What's the failing iptables command? Please paste the whole command here, 
> including the parameters.

frob_iptables in /etc/xen/scripts/vif-common.sh has changed, mostly by the 
addition of:

iptables "$c" FORWARD -m state --state RELATED,ESTABLISHED -m physdev \
    --physdev-out "$vif" -j ACCEPT 2>/dev/null

I found this not only caused the probably innocuous physdev depreciation 
warning, but caused the conntrack modules to be loaded due to the state check. 
The default conntrack size was far too small for me.
So either remove iptables, or comment out "handle_iptable" from 
/etc/xen/scripts/vif-bridge, I've no need for Xen to change iptables.

-- 
Mike Williams

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.