WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Xen
Home Products Support Community News

xen-users

[Top] [All Lists]
<prev [Date] next>
[Advanced]
<prev [Thread] next>

[Xen-users] Packets droped by Dom0

from [Guillaume S] [Permanent Link][Original]
To: <xen-users@xxxxxxxxxxxxxxxxxxx>
Subject: [Xen-users] Packets droped by Dom0
From: "Guillaume S" <drgkill@xxxxxxxxx>
Date: 2010年4月15日 12:22:38 +0200
Delivery-date: 2010年4月15日 03:24:48 -0700
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:from:to:subject:date :message-id:mime-version:content-type:x-mailer:thread-index :content-language; bh=FjVzAxi/tx5KIa0r/uGne4ZtpwkxX9kCOvWPSZjEPag=; b=lEXw9j5ZX3JNP/sWZIBgwHFgQ2jFXtLZtazrXC7ERMhM6YDxBOMQVFloog+j/bD+xp eUiWllkdIAiKbKZqML5z2rMQk9k6zPJVLvQZAyl8tCMVBY1pITxAfgpy98YowQ4uIJ4n 8pEFrk69VzoImu3AsW7NhUb6RRvTi0kK6DhKQ=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=from:to:subject:date:message-id:mime-version:content-type:x-mailer :thread-index:content-language; b=bQjdU+gfaJKMimjq2Hyhz1PU31A1R1KBPGRRmr98rN1od2RnzlA+/CVB0t4+TRfyN+ +/FkGcJ1p1FuPfupP4xXkIVAgcvXjdixQ+AROrdVNNwxwZ3mCTX+eF9PHGiSpZ3auaf6 FUftEmE/JHPXia9RUZFA27pYpVZ2f0Ai7LWsI=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
Thread-index: AcrchZK4YH4TtAMoTCqkQWkO9Gh5wg==

Dear,

I got a real strange problem with my Xen installation.

When I setup a DomU with an interface with a public IP, packets are droped by dom0 …

I got a bridged configuration with VLANs :

# brctl show

bridge name     bridge id               STP enabled     interfaces

tmpbridge               8000.000000000000       no

xlan.20         8000.feffffffffff       no              eth1.20

xlan.30         8000.feffffffffff       no              GEV1lan

                                                        NSlan

                                                        OmegaBlog1lan

                                                        RMlan

                                                        SFlan

                                                        eth1.30

xwan            8000.0026b9835a88       no              peth0

                                                        testWan

# ip add sh dev xwan

6: xwan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN

    link/ether 00:26:b9:83:5a:88 brd ff:ff:ff:ff:ff:ff

    inet 78.24.xx.yy/26 brd 78.24.xx.yy scope global xwan

    inet6 fe80::226:b9ff:fe83:5a88/64 scope link

       valid_lft forever preferred_lft forever

-When I try to ping my domU I get huge amount of packet loss:

# ping 78.24.xx.zz

PING 78.24.xx.zz (78.24.xx.zz) 56(84) bytes of data.

64 bytes from 78.24.xx.zz: icmp_seq=1 ttl=128 time=5.69 ms

^C

--- 78.24.xx.zz ping statistics ---

5 packets transmitted, 1 received, 80% packet loss, time 4026ms

rtt min/avg/max/mdev = 5.690/5.690/5.690/0.000 ms

Monitoring the xwan bridge :

# tcpdump -n -e -ttt -i xwan icmp

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode

listening on xwan, link-type EN10MB (Ethernet), capture size 96 bytes

00:00:01.006698 00:26:b9:83:5a:88 > 00:16:3e:52:89:d2, ethertype IPv4 (0x0800), length 98: 78.24.130.200 > 78.24.130.204: ICMP echo request, id 60001, seq 304, length 64

00:00:01.000464 00:26:b9:83:5a:88 > 00:16:3e:52:89:d2, ethertype IPv4 (0x0800), length 98: 78.24.130.200 > 78.24.130.204: ICMP echo request, id 60001, seq 305, length 64

00:00:01.008578 00:26:b9:83:5a:88 > 00:16:3e:52:89:d2, ethertype IPv4 (0x0800), length 98: 78.24.130.200 > 78.24.130.204: ICMP echo request, id 60001, seq 306, length 64

00:00:01.008262 00:26:b9:83:5a:88 > 00:16:3e:52:89:d2, ethertype IPv4 (0x0800), length 98: 78.24.130.200 > 78.24.130.204: ICMP echo request, id 60001, seq 307, length 64

00:00:01.009170 00:26:b9:83:5a:88 > 00:16:3e:52:89:d2, ethertype IPv4 (0x0800), length 98: 78.24.130.200 > 78.24.130.204: ICMP echo request, id 60001, seq 308, length 64

00:00:00.000642 00:16:3e:52:89:d2 > 00:26:b9:83:5a:88, ethertype IPv4 (0x0800), length 98: 78.24.130.204 > 78.24.130.200: ICMP echo reply, id 60001, seq 308, length 64 ß Sometime an echo reply …

00:00:00.999149 00:26:b9:83:5a:88 > 00:16:3e:52:89:d2, ethertype IPv4 (0x0800), length 98: 78.24.130.200 > 78.24.130.204: ICMP echo request, id 60001, seq 309, length 64

00:00:01.000767 00:26:b9:83:5a:88 > 00:16:3e:52:89:d2, ethertype IPv4 (0x0800), length 98: 78.24.130.200 > 78.24.130.204: ICMP echo request, id 60001, seq 310, length 64

00:00:01.000895 00:26:b9:83:5a:88 > 00:16:3e:52:89:d2, ethertype IPv4 (0x0800), length 98: 78.24.130.200 > 78.24.130.204: ICMP echo request, id 60001, seq 311, length 64

00:00:00.999157 00:26:b9:83:5a:88 > 00:16:3e:52:89:d2, ethertype IPv4 (0x0800), length 98: 78.24.130.200 > 78.24.130.204: ICMP echo request, id 60001, seq 312, length 64

- Iptables settings looks fine :

# iptables -L

Chain INPUT (policy ACCEPT)

target     prot opt source               destination

Chain FORWARD (policy ACCEPT)

target     prot opt source               destination

ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED PHYSDEV match --physdev-out testWan

ACCEPT     all  --  some.host.com        anywhere            PHYSDEV match --physdev-in testWan

Chain OUTPUT (policy ACCEPT)

target     prot opt source               destination

I did notice something weird : Lots of multicast ICMPv6 packets sent :

# tcpdump -n -e -ttt -i BurdaWan

tcpdump: WARNING: BurdaWan: no IPv4 address assigned

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode

listening on BurdaWan, link-type EN10MB (Ethernet), capture size 96 bytes

00:00:00.000000 00:16:3e:52:89:d2 > 33:33:00:00:00:16, ethertype IPv6 (0x86dd), length 90: fe80::2ccf:baab:b297:334b > ff02::16: HBH ICMP6, multicast listener report v2, 1 group record(s), length 28

00:00:00.000168 00:16:3e:52:89:d2 > 33:33:00:00:00:16, ethertype IPv6 (0x86dd), length 90: fe80::2ccf:baab:b297:334b > ff02::16: HBH ICMP6, multicast listener report v2, 1 group record(s), length 28

00:00:00.000220 00:16:3e:52:89:d2 > 33:33:00:00:00:16, ethertype IPv6 (0x86dd), length 90: fe80::2ccf:baab:b297:334b > ff02::16: HBH ICMP6, multicast listener report v2, 1 group record(s), length 28

00:00:00.000175 00:16:3e:52:89:d2 > 33:33:00:00:00:16, ethertype IPv6 (0x86dd), length 90: fe80::2ccf:baab:b297:334b > ff02::16: HBH ICMP6, multicast listener report v2, 1 group record(s), length 28

00:00:00.000173 00:16:3e:52:89:d2 > 33:33:00:00:00:16, ethertype IPv6 (0x86dd), length 90: fe80::2ccf:baab:b297:334b > ff02::16: HBH ICMP6, multicast listener report v2, 1 group record(s), length 28

If someone could help me on this it would be MUCH appreciated !

Thanks by advance,

Guillaume S.

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date: Re: [Xen-users] Xen cloud , Matthew Law
Next by Date: [Xen-users] Re: LVM's inside of Domu's , Ferenc Wagner
Previous by Thread: [Xen-users] Xen cloud , dky hax
Next by Thread: RE: [Xen-users] Packets droped by Dom0 , Guillaume S
Indexes: [Date] [Thread] [Top] [All Lists]

Copyright ©, Citrix Systems Inc. All rights reserved. Legal and Privacy
Citrix This site is hosted by Citrix

AltStyle によって変換されたページ (->オリジナル) /