Hi, I'm not sure but I think I suffer under the same problem with a bit different setup with squeeze testing and xen 4.0rc5. In fact I'm using bridges in the dom0 and the connections to the domU get lost sporadically. In don't see where's a solution to the problem... Is it now a bug? When it's an iptables bug, where's the corresponding bug in the iptables bugtracker and what exactly is iptables doing wrong. You stated "...but as the syslog message clearly indicates this rule works perfectly when the traffic is bridged." I'm using bridges but it's not working obviously. /etc/network/interfaces auto br0 allow-hotplug br0 iface br0 inet static address 10.100.200.20 netmask 255.255.255.0 dns-nameservers 10.100.200.3 gateway 10.100.200.3 bridge_ports eth0 allow-hotplug br1 auto br1 iface br1 inet manual bridge_ports eth1 This is my logs: Sep 6 09:47:14 elise kernel: [71970.564974] br1: port 2(vif1.1) entering disabled state Sep 6 09:47:14 elise kernel: [71970.578040] br1: port 2(vif1.1) entering disabled state Sep 6 09:47:14 elise kernel: [71970.718785] physdev match: using --physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for non-bridged traffic is not supported anymore. Sep 6 09:47:14 elise kernel: [71970.718797] physdev match: using --physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for non-bridged traffic is not supported anymore. Sep 6 09:47:14 elise kernel: [71970.718803] physdev match: using --physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for non-bridged traffic is not supported anymore. Sep 6 09:47:14 elise kernel: [71970.724864] physdev match: using --physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for non-bridged traffic is not supported anymore. Sep 6 09:47:14 elise kernel: [71970.724874] physdev match: using --physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for non-bridged traffic is not supported anymore. Sep 6 09:47:15 elise kernel: [71970.871846] br0: port 2(vif1.0) entering disabled state Sep 6 09:47:15 elise kernel: [71970.890073] br0: port 2(vif1.0) entering disabled state Sep 6 09:47:15 elise kernel: [71971.010275] physdev match: using --physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for non-bridged traffic is not supported anymore. Sep 6 09:47:15 elise kernel: [71971.010286] physdev match: using --physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for non-bridged traffic is not supported anymore. Sep 6 09:47:15 elise kernel: [71971.016391] physdev match: using --physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for non-bridged traffic is not supported anymore. Sep 6 09:47:17 elise kernel: [71972.912040] device vif3.0 entered promiscuous mode Sep 6 09:47:17 elise kernel: [71972.915898] br0: port 2(vif3.0) entering learning state Sep 6 09:47:17 elise kernel: [71972.948656] physdev match: using --physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for non-bridged traffic is not supported anymore. Sep 6 09:47:17 elise kernel: [71972.953266] physdev match: using --physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for non-bridged traffic is not supported anymore. Sep 6 09:47:17 elise kernel: [71972.953273] physdev match: using --physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for non-bridged traffic is not supported anymore. Sep 6 09:47:17 elise kernel: [71972.986255] device vif3.1 entered promiscuous mode Sep 6 09:47:17 elise kernel: [71972.990441] br1: port 2(vif3.1) entering learning state Sep 6 09:47:17 elise kernel: [71973.011096] physdev match: using --physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for non-bridged traffic is not supported anymore. Sep 6 09:47:17 elise kernel: [71973.011102] physdev match: using --physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for non-bridged traffic is not supported anymore. Sep 6 09:47:17 elise kernel: [71973.016383] physdev match: using --physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for non-bridged traffic is not supported anymore. Sep 6 09:47:17 elise kernel: [71973.016392] physdev match: using --physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for non-bridged traffic is not supported anymore. Sep 6 09:47:17 elise kernel: [71973.016398] physdev match: using --physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for non-bridged traffic is not supported anymore. Sep 6 09:47:18 elise kernel: [71974.706987] blkback: ring-ref 8, event-channel 8, protocol 1 (x86_64-abi) Sep 6 09:47:18 elise kernel: [71974.734701] blkback: ring-ref 9, event-channel 9, protocol 1 (x86_64-abi) Sep 6 09:47:32 elise kernel: [71987.913527] br0: port 2(vif3.0) entering forwarding state Sep 6 09:47:32 elise kernel: [71987.988031] br1: port 2(vif3.1) entering forwarding state -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.alioth.debian.org/pipermail/pkg-xen-devel/attachments/20100906/cd29b7c0/attachment-0001.htm>
Pasi Kärkkäinen
2010-Sep-06 09:21 UTC
[Pkg-xen-devel] Bug#571634: Bug#571634: bridge loosing connection
On Mon, Sep 06, 2010 at 10:31:28AM +0200, Jochen Demmer wrote:> Hi, > > I'm not sure but I think I suffer under the same problem with a bit > different setup with squeeze testing and xen 4.0rc5. > In fact I'm using bridges in the dom0 and the connections to the domU get > lost sporadically. > In don't see where's a solution to the problem... Is it now a bug? When > it's an iptables bug, where's the corresponding bug in the iptables > bugtracker and what exactly is iptables doing wrong. > You stated "...but as the syslog message clearly indicates this rule works > perfectly when the traffic is bridged." > I'm using bridges but it's not working obviously. >I don't really see any errors in the log below. Have you tried using different kernel in the domU? If network is fine from dom0, then this sounds like a bug in the domU kernel. What kernel are you running in the domU? -- Pasi> /etc/network/interfaces > auto br0 > allow-hotplug br0 > iface br0 inet static > address 10.100.200.20 > netmask 255.255.255.0 > dns-nameservers 10.100.200.3 > gateway 10.100.200.3 > bridge_ports eth0 > > allow-hotplug br1 > auto br1 > iface br1 inet manual > bridge_ports eth1 > > This is my logs: > Sep 6 09:47:14 elise kernel: [71970.564974] br1: port 2(vif1.1) entering > disabled state > Sep 6 09:47:14 elise kernel: [71970.578040] br1: port 2(vif1.1) entering > disabled state > Sep 6 09:47:14 elise kernel: [71970.718785] physdev match: using > --physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for > non-bridged traffic is not supported anymore. > Sep 6 09:47:14 elise kernel: [71970.718797] physdev match: using > --physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for > non-bridged traffic is not supported anymore. > Sep 6 09:47:14 elise kernel: [71970.718803] physdev match: using > --physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for > non-bridged traffic is not supported anymore. > Sep 6 09:47:14 elise kernel: [71970.724864] physdev match: using > --physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for > non-bridged traffic is not supported anymore. > Sep 6 09:47:14 elise kernel: [71970.724874] physdev match: using > --physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for > non-bridged traffic is not supported anymore. > Sep 6 09:47:15 elise kernel: [71970.871846] br0: port 2(vif1.0) entering > disabled state > Sep 6 09:47:15 elise kernel: [71970.890073] br0: port 2(vif1.0) entering > disabled state > Sep 6 09:47:15 elise kernel: [71971.010275] physdev match: using > --physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for > non-bridged traffic is not supported anymore. > Sep 6 09:47:15 elise kernel: [71971.010286] physdev match: using > --physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for > non-bridged traffic is not supported anymore. > Sep 6 09:47:15 elise kernel: [71971.016391] physdev match: using > --physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for > non-bridged traffic is not supported anymore. > Sep 6 09:47:17 elise kernel: [71972.912040] device vif3.0 entered > promiscuous mode > Sep 6 09:47:17 elise kernel: [71972.915898] br0: port 2(vif3.0) entering > learning state > Sep 6 09:47:17 elise kernel: [71972.948656] physdev match: using > --physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for > non-bridged traffic is not supported anymore. > Sep 6 09:47:17 elise kernel: [71972.953266] physdev match: using > --physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for > non-bridged traffic is not supported anymore. > Sep 6 09:47:17 elise kernel: [71972.953273] physdev match: using > --physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for > non-bridged traffic is not supported anymore. > Sep 6 09:47:17 elise kernel: [71972.986255] device vif3.1 entered > promiscuous mode > Sep 6 09:47:17 elise kernel: [71972.990441] br1: port 2(vif3.1) entering > learning state > Sep 6 09:47:17 elise kernel: [71973.011096] physdev match: using > --physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for > non-bridged traffic is not supported anymore. > Sep 6 09:47:17 elise kernel: [71973.011102] physdev match: using > --physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for > non-bridged traffic is not supported anymore. > Sep 6 09:47:17 elise kernel: [71973.016383] physdev match: using > --physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for > non-bridged traffic is not supported anymore. > Sep 6 09:47:17 elise kernel: [71973.016392] physdev match: using > --physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for > non-bridged traffic is not supported anymore. > Sep 6 09:47:17 elise kernel: [71973.016398] physdev match: using > --physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for > non-bridged traffic is not supported anymore. > Sep 6 09:47:18 elise kernel: [71974.706987] blkback: ring-ref 8, > event-channel 8, protocol 1 (x86_64-abi) > Sep 6 09:47:18 elise kernel: [71974.734701] blkback: ring-ref 9, > event-channel 9, protocol 1 (x86_64-abi) > Sep 6 09:47:32 elise kernel: [71987.913527] br0: port 2(vif3.0) entering > forwarding state > Sep 6 09:47:32 elise kernel: [71987.988031] br1: port 2(vif3.1) entering > forwarding state> _______________________________________________ > Pkg-xen-devel mailing list > Pkg-xen-devel at lists.alioth.debian.org > http://lists.alioth.debian.org/mailman/listinfo/pkg-xen-devel
Possibly Parallel Threads
- Bug#571634: xen-utils-common - using --physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for non-bridged traffic
- Bug#571634: correct link to patch, another tangled issue in current stable
- Missing packets on Dom0 when sniffing bridge with wireshark/tethreal
- CentOS 6 - VM network bridge issue
- [Bug 570] PREROUTING is unaware of VLAN interfaces