[Pkg-xen-devel] Recent hypervisor update on Debian Wheezy breaks domU networking
Ian Campbell
ijc at hellion.org.uk
Mon Feb 18 10:50:01 UTC 2013
On Mon, 2013-02-18 at 12:04 +0200, Gavin wrote:
> Firstly I apologise for the cross-post,
I've added xen-users since you also bounced this there.
> however I don't expect to get as quick a response from the package
> maintainers as I do from the Debian community, and this issue affects
> a service that I've got scheduled to go live at midnight this
> evening. :(
>
>
> A recent update from xen-hypervisor-4.1-amd64 version 4.1.3-7, to
> version 4.1.3-8 on Debian Wheezy has caused all vm's on this host to
> not receive their arp replies anymore and as such they cannot reach
> their gateways and are now isolated from the network.
>
>
> There was a more recent update as well (4.1.4-2) which I have now
> since applied however this particular issue persists.
Networking level stuff is all done by the dom0 (or driver domain) kernel
rather than the hypervisor so it is far more likely that a kernel level
change rather than a hypervisor change would be responsible. What kernel
version are you running? Did it also change?
> The arp replies are received by the host and passed all the way up to
> the bridge (br200) being used by Xen, however they are not seen on the
> vif (vif2.0) created for the particular vm.
Do you have any firewall or ebfilter entries which might have either
been discarded or reintroduced by the reboot? (i.e. a manual settings
modification which wasn't propagated to the startup scripts). Or perhaps
sysctl tweaks?
> 1) Please let me know if I should roll-back this particular xen
> update, kernel and all, and what those steps may be, or if this is a
> known issue with a particular workaround that I can apply.
I'd certainly be tempted to try the older kernel, assuming that was also
upgraded. It may even still be installed and in your grub menu already.
> 2) Would moving to openvswitch be another possible workaround?
Without knowing what the underlying issue is it is hard to predict
whether it will also affect ovs.
> My config:-
Looks correct to me.
Ian.
More information about the Pkg-xen-devel
mailing list