[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] VM bridge doesn't pass traffic

  • To: xen-users@xxxxxxxxxxxxx
  • From: David Winterstein <dw@xxxxxxxxxxxxxx>
  • Date: Mon, 18 Jan 2016 11:34:36 +0100
  • Delivery-date: Mon, 18 Jan 2016 12:19:09 +0000
  • List-id: Xen user discussion <xen-users.lists.xen.org>
Am 18.01.2016 um 11:20 schrieb Ian Campbell:
> On Mon, 2016-01-18 at 10:06 +0100, David Winterstein wrote:
>> Hey guys,
>>
>> I've got a really strange issue with the networking on Debian 8.2 with
>> Xen 4.4, probably particularly regarding the network bridge between the
>> host machine and the vm.
>> I recently set up a server cluster consisting of two Debian Jessie
>> servers in a pretty basic configuration with Xen 4.4 from the official
>> repositories. I then configured corosync, pacemaker and DRBD to sync a
>> root partition between the two nodes and installed a Debian Jessie VM on
>> the master node.
>> Everything worked fine so far, but when I wanted to start configuring
>> the vm two days ago, I found that though the eth0 interface was up and
>> running a correctly configured IP the vm didn't have any access to the
>> network.
>> I then proceeded to check every possible thing I could think of and am
>> now at my wit's end.
>> The bridge is brought up by the default vif-bridge script and running,
>> as brctl shows:
>>
>> bridge name     bridge id               STP enabled     interfaces
>> xenbr0          8000.0cc47a781e22       no              eth0
>>                                                         vif1.0
>>
>> The required iptables rules are correctly generated:
>>
>> Chain INPUT (policy ACCEPT 22281 packets, 3522K bytes)
>>  pkts bytes target     prot opt in     out     source
>> destination
>>
>> Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
>>  pkts bytes target     prot opt in     out     source
>> destination
>>     0     0 ACCEPT     all  --  *      *       0.0.0.0/0
>> 0.0.0.0/0            PHYSDEV match --physdev-out vif1.0 --physdev-is-
>> bridged
>>     0     0 ACCEPT     all  --  *      *       0.0.0.0/0
>> 0.0.0.0/0            PHYSDEV match --physdev-in vif1.0 --physdev-is-
>> bridged
>>
>> Chain OUTPUT (policy ACCEPT 18929 packets, 3285K bytes)
>>  pkts bytes target     prot opt in     out     source
>> destination
>>
>> Strangely, the vif interface is shown as DOWN in ip a on the dom0:
>>
>> 5: vif1.0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq master
>> xenbr0 state DOWN group default qlen 32
>>     link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff
> Does this indicate that the xenbr0 device itself is down, but vif1.0 is up?
>
> Please can you post the full output of "ip addr show" in your dom0 and the
> contents of your dom0 /etc/network/interfaces.
>
> Ian.
> _______________________________________________
> Xen-users mailing list
> Xen-users@xxxxxxxxxxxxx
> http://lists.xen.org/xen-users

Hi Ian!
No, the xenbr0 itself is UP. See the command output below:

[11:25:57] root@XXXXX-web-node02:~# ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
group default
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master
xenbr0 state UP group default qlen 1000
    link/ether 0c:c4:7a:78:1e:22 brd ff:ff:ff:ff:ff:ff
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP
group default qlen 1000
    link/ether 0c:c4:7a:78:1e:23 brd ff:ff:ff:ff:ff:ff
    inet 10.10.10.200/24 brd 10.10.10.255 scope global eth1
       valid_lft forever preferred_lft forever
    inet6 fe80::ec4:7aff:fe78:1e23/64 scope link
       valid_lft forever preferred_lft forever
4: xenbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue
state UP group default
    link/ether 0c:c4:7a:78:1e:22 brd ff:ff:ff:ff:ff:ff
    inet 10.41.16.236/24 brd 10.41.16.255 scope global xenbr0
       valid_lft forever preferred_lft forever
    inet6 fe80::ec4:7aff:fe78:1e22/64 scope link
       valid_lft forever preferred_lft forever
5: vif1.0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq master
xenbr0 state DOWN group default qlen 32
    link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff

[11:26:01] root@XXXXX-web-node02:~# cat /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto xenbr0
allow-hotplug xenbr0
iface xenbr0 inet static
        address 10.41.16.236
        netmask 255.255.255.0
        gateway 10.41.16.1
        bridge_ports eth0

        # dns-* options are implemented by the resolvconf package, if
installed
        dns-nameservers 208.67.222.222 208.67.220.220 8.8.8.8
        dns-search xxxxx.de

auto eth1
allow-hotplug eth1
iface eth1 inet static
        address 10.10.10.200
        netmask 255.255.255.0


Regards,
  David

-- 

Compositiv GmbH
Hammer Deich 30
20537 Hamburg
Tel: 040 / 609 4349 0
Fax: 040 / 609 4349 40

GeschÃftsfÃhrer Matthias Krawen
Amtsgericht Hamburg - HRB 122540

USt.-IdNr: DE282432834
Es gelten ausschlieÃlich unsere AGB.


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxx
http://lists.xen.org/xen-users

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.