[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Xen 4.18/ARM64 on Raspberry Pi 4B: VLAN traffic crashing Dom0

To: xen-users@xxxxxxxxxxxxxxxxxxxx
From: Paul Leiber <paul@xxxxxxxxxxxxxxxx>
Date: Thu, 7 Sep 2023 18:41:04 +0200
Arc-authentication-results: i=1; strato.com; arc=none; dkim=none
Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; t=1694104871; s=strato-dkim-0002; d=strato.com; h=Subject:From:To:Date:Message-ID:Cc:Date:From:Subject:Sender; bh=oinabyNNI6onG2RkfhQilMOD0B4h8uRpcXuah0X1Ns0=; b=ndrmTsiQkftxsaO0K4OWkJ6PZeu4pY02/jrhF0rDIhc1BtFSDqpVACfjwKqVQav9q5 ZNww9Q4+2X1IGnjACwklKk+1ia+6Fj7Wn+xQhXghFq+BFyTM2SCp+9bQwmooV5lzHtBy Ubl7MhHxFKTrUGRRjfWBfsmac+zVpFCR7a3eaFytui7tEtgMBLOMG7AZZjRqiX4gcpxU N7kIAeqUwLoEGHZYIkc+ltQJGhUw3xBYsERAhpDpstjfiAoM8+zmRfSFMJAyaUrJsyZN OyKZfmUqO7COnJftDzY4eMnzNVB/9i0Xw0NPW3E6tk6uwQaxlvVEMkYKqcW+jtvOB1+F d88A==
Arc-seal: i=1; a=rsa-sha256; t=1694104871; cv=none; d=strato.com; s=strato-dkim-0002; b=i/+r75rOx/muJTDsw+cofw6LgF4kWtiXEFH8d330ObuvfNZubHmJKw4L1nX3GuIpyB Z6DGX3JsbvS0AfGnaVhv/RkR5o5nvQt2Mu0ejngx873Yc1DqJWaUGDBhE7aLpxDz4tca lFTBvNV7tIYy06iwdPdpgVFWat+ApOiJyFd07Woa9m53fWo5EQaxQxzHlI/5/7VcN+Vk K715qLsUErZDJCeVo00sSE11cfyhUYJuZbR1SfNFKlQSyJ7dmfPLG13Ks7lC18OSZgQ2 I6PI/UWNw63TzDPE3SlilCuQzQtteqaWQ6wdBMxLopclHKfL9R6NyH6N/E2u1H1FZFuV DS2w==
Delivery-date: Thu, 07 Sep 2023 16:42:11 +0000
List-id: Xen user discussion <xen-users.lists.xenproject.org>

Hi Xen users list,

I've come across something strange. I recently set up Xen (selfcompiled, Version 4.18) on a Raspberry Pi 4B. Until yesterday,everything worked well with one DomU and one bridge.

Then I wanted to actually make use of the virtualization and started toset up a second Debian Bookworm DomU (using xen-create-image) formonitoring my systems with zabbix. The bridge used for this setup wasthe device bridging the hardware NIC. I installed zabbix, set it up, andeverything went well, I could access the web interface without any problem.

Then I set up VLANs (using VLAN numbers 1 and 2, which I probablyshouldn't, but its a working setup, and therefore...) to separatenetwork traffic between the DomUs. I made the existing device bridgeVLAN 1 (bridge 1) and created a secondary device for bridging VLAN 2(bridge 2). Using only bridge 1 / VLAN 1 everything works well, I canaccess the zabbix web interface without any noticeable issue. Afterswitching the zabbix DomU to VLAN 2 / bridge 2, everything seeminglykeeps on working well, I can ping different devices in my network fromthe zabbix DomU and vice versa, I can ssh into the machine.

However, as soon as I remotely access the zabbix web interface, thecomplete system (DomUs and Dom0) becomes unresponsive and reboots aftera couple of seconds. This is reliably reproducable.

I didn't see any error message in any log (zabbix, DomU syslog, Dom0syslog) except for the following lines immediately before the systemreboots on the Xen serial console:


(XEN) Watchdog timer fired for domain 0
(XEN) Hardware Dom0 shutdown: watchdog rebooting machine

As soon as I change the bridge to bridge 1 (with or without VLAN setup),the web interface is accessible again after booting the zabbix DomU.

So I assume that causing high traffic on the virtual NIC when using aVLAN setup with more than 1 VLAN makes the system hard crash. Of course,there might be other causes that I'm not aware of, but that seems to bethe most likely assumption.

I'd appreciate any hints how to troubleshoot this and/or how to proceedotherwise (bug report?).


Thanks,

Paul


xl info:

host                   : ***
release                : 6.1.0-11-arm64
version                : #1 SMP Debian 6.1.38-4 (2023-08-08)
machine                : aarch64
nr_cpus                : 4
max_cpu_id             : 3
nr_nodes               : 1
cores_per_socket       : 1
threads_per_core       : 1
cpu_mhz                : 54.000

hw_caps :00000000:00000000:00000000:00000000:00000000:00000000:00000000:00000000

virt_caps              : hvm hap vpmu gnttab-v1
arm_sve_vector_length  : 0
total_memory           : 8043
free_memory            : 5859
sharing_freed_memory   : 0
sharing_used_memory    : 0
outstanding_claims     : 0
free_cpus              : 0
xen_major              : 4
xen_minor              : 18
xen_extra              : -unstable
xen_version            : 4.18-unstable
xen_caps               : xen-3.0-aarch64 xen-3.0-armv7l
xen_scheduler          : credit2
xen_pagesize           : 4096
platform_params        : virt_start=0x0
xen_changeset          : Fri Aug 11 09:59:49 2023 +0200 git:a9a3b432a8

xen_commandline : placeholder dom0_mem=1024M,max:1024Mconsole=dtuart dtuart=serial1 sync_console no-real-mode edd=off

cc_compiler            : gcc (Debian 12.2.0-14) 12.2.0
cc_compile_by          : root
cc_compile_domain      : ***
cc_compile_date        : Mon Aug 14 22:05:30 CEST 2023
build_id               : b21191ae0cd2ff49905c166a665dc30d9a4b1fbf
xend_config_format     : 4



cat /etc/network/interfaces (with VLAN setup, redacted for IPs):

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto enabcm6e4ei0
iface enabcm6e4ei0 inet manual
iface enabcm6e4ei0 inet6 manual

VLAN LAN
auto enabcm6e4ei0.1
iface enabcm6e4ei0.1 inet manual

VLAN DMZ_LAN
auto enabcm6e4ei0.2
iface enabcm6e4ei0.2 inet manual

#Bridge LAN
auto xenbr0
iface xenbr0 inet static
        bridge_ports enabcm6e4ei0.1
        address *.*.*.*/24
        gateway *.*.*.*

iface xenbr0 inet6 static
        bridge_ports enabcm6e4ei0.1
        address *::*/64
        gateway *::*
        # use SLAAC al IPv6 address from the router
        # we may notv6 forwarding, otherwise SLAAC ged
        autoconf 1
        accept_ra 2

#Bridge DMZ_LAN
auto xenbr1
iface xenbr1 inet manual
        bridge_ports enabcm6e4ei0.2

Follow-Ups:
- Re: Xen 4.18/ARM64 on Raspberry Pi 4B: VLAN traffic crashing Dom0
  - From: reijo . korhonen
- Re: Xen 4.18/ARM64 on Raspberry Pi 4B: VLAN traffic crashing Dom0
  - From: zithro

Prev by Date: Xen Security Advisory 437 v2 (CVE-2023-34321) - arm32: The cache may not be properly cleaned/invalidated
Next by Date: Re: Xen 4.18/ARM64 on Raspberry Pi 4B: VLAN traffic crashing Dom0
Previous by thread: Xen Security Advisory 437 v2 (CVE-2023-34321) - arm32: The cache may not be properly cleaned/invalidated
Next by thread: Re: Xen 4.18/ARM64 on Raspberry Pi 4B: VLAN traffic crashing Dom0
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.