Xen users - Aug 2007 - dhcp service in Dom0 not working properly

I have the following problem. I''ve set up a dhcp server at Dom0 level,
in
order to provide ip addresses for the computers on my LAN. However, the dhcp
daemon is not answering queries, nor giving addresses.

Dom0 has just one ethernet adapter configured (the physical machine has only
one ethernet card, which is connected to the LAN switch).

The dhcp daemon is running and listening (that''s at least what netstat
shows), with no errors reported to the system logs. I don''t think it
can be
an iptables issue, since it seems that dhcp packets don''t pass through
the
iptables chains (anyways, i also tried allowing all traffic -setting default
INPUT policy == ACCEPT-, but that didn''t help).

If i try a tcpdump -i eth0 ''dst port 67'', i can''t
even see DHCPREQUEST
packets reaching the server (client machines, based on W2K, keep retrying
until they give up, wihtout getting a valid address). I must note that
connectivity on Dom0 works ok, with several services working as expected
(dns, http, squid, etc.)

The server is running Debian Etch (the dhcp service configuration was copied
from a physical server, in which it was working fine).

Has anyone experienced similar problems? Any ideas on how this can be fixed?


Thanks in advance,
Alex

===================================================
ii  xen-hypervisor-3.0.3-1-i386-pae   3.0.3-0-2                       The
Xen Hypervisor on i386 with pae
ii  dhcp3-server                      3.0.4-13                        DHCP
server for automatic IP address assignm

Linux version 2.6.18-4-xen-686 (Debian 2.6.18.dfsg.1-12etch2) (
dannf@debian.org) (gcc version 4.1.2 20061115 (prerelease) (Debian 4.1.1-21
))


_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Alejandro Martini, 26.8.2007 17:49:
> I have the following problem. I''ve set up a dhcp server at Dom0
level, in
> order to provide ip addresses for the computers on my LAN. However, the
dhcp
> daemon is not answering queries, nor giving addresses.
>
> ...
>
> If i try a tcpdump -i eth0 ''dst port 67'', i
can''t even see DHCPREQUEST
> packets reaching the server (client machines, based on W2K, keep retrying
> until they give up, wihtout getting a valid address).
You should try tcpdump with -vv. If you see udp checksum errors then
disable tx checksumming with this command:
/usr/sbin/ethtool -K eth0 tx off

- --
professional home page                  -> http://tibor.pittich.sk
personal blog                           -> http://blog.phuture.sk

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (Darwin)

iD8DBQFG0uRDD+AyEdKmHUQRArzpAJoD3qwgshenmbs0/Dbx2hY8ukf5FgCfdZB5
xTBdXHaJjt+rZL09SeBGpsU=0XFE
-----END PGP SIGNATURE-----

_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

Following Tibor''s advice, i disabled tx checksums for the eth0
interface,
and then run some more tests. Here''s what i''ve found by
running two
instances of tcpdump simultaneously (one listening on eth0, and the other
listening on peth0):

Dump 1 (listening on peth0):

tcpdump -vv -i peth0 ''dst port 67 or src port 68''
tcpdump: WARNING: peth0: no IPv4 address assigned
tcpdump: listening on peth0, link-type EN10MB (Ethernet), capture size 96
bytes
18:46:42.413530 IP (tos 0x0, ttl 128, id 6463, offset 0, flags [none],
proto: UDP (17), length: 328) 0.0.0.0.bootpc > 255.255.255.255.bootps:
BOOTP/DHCP, Request from 00:16:17:3b:5e:33 (oui Unknown), length 300, xid
0x9f266e11, secs 7168, Flags [ Broadcast ] (0x8000)

Dump 2 (listening on eth0, nothing happens):

tcpdump -vv -i eth0 ''dst port 67 or src port 68''
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 96
bytes

One can conclude that DHCPDISCOVER packets are reaching the server (as peth0
sees them perfectly). However, those same packets don''t get to eth0. I
repeated the test with tshark, leaving it running for a couple of hours, and
while peth0 saw every dhcp broadcast on the network, eth0 didn''t see a
single one.

Is this an expected Xen behaviour? Is there a solution or workaround to
circumvent this problem?


Thanks again,
Alex


2007/8/26, Alejandro Martini
<alejandro.martini@gmail.com>:
>
> I have the following problem. I''ve set up a dhcp server at Dom0
level, in
> order to provide ip addresses for the computers on my LAN. However, the
dhcp
> daemon is not answering queries, nor giving addresses.
>
> Dom0 has just one ethernet adapter configured (the physical machine has
> only one ethernet card, which is connected to the LAN switch).
>
> The dhcp daemon is running and listening (that''s at least what
netstat
> shows), with no errors reported to the system logs. I don''t think
it can be
> an iptables issue, since it seems that dhcp packets don''t pass
through the
> iptables chains (anyways, i also tried allowing all traffic -setting
default
> INPUT policy == ACCEPT-, but that didn''t help).
>
> If i try a tcpdump -i eth0 ''dst port 67'', i
can''t even see DHCPREQUEST
> packets reaching the server (client machines, based on W2K, keep retrying
> until they give up, wihtout getting a valid address). I must note that
> connectivity on Dom0 works ok, with several services working as expected
> (dns, http, squid, etc.)
>
> The server is running Debian Etch (the dhcp service configuration was
> copied from a physical server, in which it was working fine).
>
> Has anyone experienced similar problems? Any ideas on how this can be
> fixed?
>
>
> Thanks in advance,
> Alex
>
> ===================================================>
> ii  xen-hypervisor-3.0.3-1-i386-pae   3.0.3-0-2                       The
> Xen Hypervisor on i386 with pae
> ii  dhcp3-server                      3.0.4-13                        DHCP
> server for automatic IP address assignm
>
> Linux version 2.6.18-4-xen-686 (Debian 2.6.18.dfsg.1-12etch2) (
> dannf@debian.org) (gcc version 4.1.2 20061115 (prerelease) (Debian
> 4.1.1-21))
>

_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

I forgot to mention one more thing that might help to debug the issue or
isolate the problem.

tshark shows that eth0 can actually see DHCPINFORM packets broadcasted on
the LAN, but it does not see DHCPDISCOVERs nor DHCPREQUESTs.

The only obvious difference that i can see between DHCPINFORM packets and
the other ones, is that the first ones come from specific addresses (client
machines that already have their ip addresses set). The other dhcp packet
types (seen by peth0 but not by eth0) have 0.0.0.0 as their source address.


Alex

2007/8/27, Alejandro Martini
<alejandro.martini@gmail.com>:
>
> Following Tibor''s advice, i disabled tx checksums for the eth0
interface,
> and then run some more tests. Here''s what i''ve found by
running two
> instances of tcpdump simultaneously (one listening on eth0, and the other
> listening on peth0):
>
> Dump 1 (listening on peth0):
>
> tcpdump -vv -i peth0 ''dst port 67 or src port 68''
> tcpdump: WARNING: peth0: no IPv4 address assigned
> tcpdump: listening on peth0, link-type EN10MB (Ethernet), capture size 96
> bytes
> 18:46:42.413530 IP (tos 0x0, ttl 128, id 6463, offset 0, flags [none],
> proto: UDP (17), length: 328) 0.0.0.0.bootpc > 255.255.255.255.bootps:
> BOOTP/DHCP, Request from 00:16:17:3b:5e:33 (oui Unknown), length 300, xid
> 0x9f266e11, secs 7168, Flags [ Broadcast ] (0x8000)
>
> Dump 2 (listening on eth0, nothing happens):
>
> tcpdump -vv -i eth0 ''dst port 67 or src port 68''
> tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 96
> bytes
>
> One can conclude that DHCPDISCOVER packets are reaching the server (as
> peth0 sees them perfectly). However, those same packets don''t get
to eth0. I
> repeated the test with tshark, leaving it running for a couple of hours,
and
> while peth0 saw every dhcp broadcast on the network, eth0 didn''t
see a
> single one.
>
> Is this an expected Xen behaviour? Is there a solution or workaround to
> circumvent this problem?
>
>
> Thanks again,
> Alex
>
>
> 2007/8/26, Alejandro Martini < alejandro.martini@gmail.com>:
> >
> > I have the following problem. I''ve set up a dhcp server at
Dom0 level,
> > in order to provide ip addresses for the computers on my LAN. However,
the
> > dhcp daemon is not answering queries, nor giving addresses.
> >
> > Dom0 has just one ethernet adapter configured (the physical machine
has
> > only one ethernet card, which is connected to the LAN switch).
> >
> > The dhcp daemon is running and listening (that''s at least
what netstat
> > shows), with no errors reported to the system logs. I don''t
think it can be
> > an iptables issue, since it seems that dhcp packets don''t
pass through the
> > iptables chains (anyways, i also tried allowing all traffic -setting
default
> > INPUT policy == ACCEPT-, but that didn''t help).
> >
> > If i try a tcpdump -i eth0 ''dst port 67'', i
can''t even see DHCPREQUEST
> > packets reaching the server (client machines, based on W2K, keep
retrying
> > until they give up, wihtout getting a valid address). I must note that
> > connectivity on Dom0 works ok, with several services working as
expected
> > (dns, http, squid, etc.)
> >
> > The server is running Debian Etch (the dhcp service configuration was
> > copied from a physical server, in which it was working fine).
> >
> > Has anyone experienced similar problems? Any ideas on how this can be
> > fixed?
> >
> >
> > Thanks in advance,
> > Alex
> >
> > ===================================================> >
> > ii  xen-hypervisor-3.0.3-1-i386-pae   3.0.3-0-2
> > The Xen Hypervisor on i386 with pae
> > ii  dhcp3-server                      3.0.4-13
> > DHCP server for automatic IP address assignm
> >
> > Linux version 2.6.18-4-xen-686 (Debian 2.6.18.dfsg.1-12etch2)
(dannf@debian.org)
> > (gcc version 4.1.2 20061115 (prerelease) (Debian 4.1.1-21))
> >
>
>

_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users