Christian Fischer
2010-Mar-08 20:43 UTC
[Xen-users] Fixed for me: 3.4.2: Device 0 (vif) could not be connected. Hotplug scripts not working.
Hi Folks, hope that helps a bit. Tried 3.4.2, gentoo xen-sources-2.6.31-r10, to ran into the heavy discussed hotplug script bug. That''s (in my case) not a udev or driver problem, the problem is iptables. It hangs in frob_iptable() (vif-common.sh), the forward state rule never returns. I''ve simply commented out the handle_iptable call in vif-bridge, don''t need that because I have shorewall running. Confirmed with: xen-3.4.2 iptables-1.4.3.2 gentoo xen-sources-2.6.31-r10 gentoo xen-sources-2.6.29-r4 udev-146-r1 nothing more checked. Christian -- _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Pasi Kärkkäinen
2010-Mar-08 20:48 UTC
Re: [Xen-users] Fixed for me: 3.4.2: Device 0 (vif) could not be connected. Hotplug scripts not working.
On Mon, Mar 08, 2010 at 09:43:16PM +0100, Christian Fischer wrote:> Hi Folks, > > hope that helps a bit. > > Tried 3.4.2, gentoo xen-sources-2.6.31-r10, to ran into the heavy discussed > hotplug script bug. > > That''s (in my case) not a udev or driver problem, the problem is iptables. > It hangs in frob_iptable() (vif-common.sh), the forward state rule never > returns. > > I''ve simply commented out the handle_iptable call in vif-bridge, don''t need > that because I have shorewall running. > > > Confirmed with: > > xen-3.4.2 > iptables-1.4.3.2 > gentoo xen-sources-2.6.31-r10 > gentoo xen-sources-2.6.29-r4 > udev-146-r1 > > nothing more checked. >Can you paste the actual iptables rule/line that doesn''t work for you? -- Pasi _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Christian Fischer
2010-Mar-08 20:59 UTC
Re: [Xen-users] Fixed for me: 3.4.2: Device 0 (vif) could not be connected. Hotplug scripts not working.
On Monday 08 March 2010, Pasi Kärkkäinen wrote:> On Mon, Mar 08, 2010 at 09:43:16PM +0100, Christian Fischer wrote: > > Hi Folks, > > > > hope that helps a bit. > > > > Tried 3.4.2, gentoo xen-sources-2.6.31-r10, to ran into the heavy > > discussed hotplug script bug. > > > > That''s (in my case) not a udev or driver problem, the problem is > > iptables. It hangs in frob_iptable() (vif-common.sh), the forward state > > rule never returns. > > > > I''ve simply commented out the handle_iptable call in vif-bridge, don''t > > need that because I have shorewall running. > > > > > > Confirmed with: > > > > xen-3.4.2 > > iptables-1.4.3.2 > > gentoo xen-sources-2.6.31-r10 > > gentoo xen-sources-2.6.29-r4 > > udev-146-r1 > > > > nothing more checked. > > Can you paste the actual iptables rule/line that doesn''t work for you? > > -- Pasiiptables "$c" FORWARD -m state --state RELATED,ESTABLISHED -m physdev \ --physdev-out "$vif" -j ACCEPT 2>/dev/null which expands to iptables -I FORWARD -m state --state RELATED,ESTABLISHED -m physdev \ --physdev-out vif32.0 -j ACCEPT 2>/dev/null It returns immediately if I enter this on the command promt, running from inside the script fails. Christian -- _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Pasi Kärkkäinen
2010-Mar-08 21:14 UTC
Re: [Xen-users] Fixed for me: 3.4.2: Device 0 (vif) could not be connected. Hotplug scripts not working.
On Mon, Mar 08, 2010 at 09:59:57PM +0100, Christian Fischer wrote:> On Monday 08 March 2010, Pasi Kärkkäinen wrote: > > On Mon, Mar 08, 2010 at 09:43:16PM +0100, Christian Fischer wrote: > > > Hi Folks, > > > > > > hope that helps a bit. > > > > > > Tried 3.4.2, gentoo xen-sources-2.6.31-r10, to ran into the heavy > > > discussed hotplug script bug. > > > > > > That''s (in my case) not a udev or driver problem, the problem is > > > iptables. It hangs in frob_iptable() (vif-common.sh), the forward state > > > rule never returns. > > > > > > I''ve simply commented out the handle_iptable call in vif-bridge, don''t > > > need that because I have shorewall running. > > > > > > > > > Confirmed with: > > > > > > xen-3.4.2 > > > iptables-1.4.3.2 > > > gentoo xen-sources-2.6.31-r10 > > > gentoo xen-sources-2.6.29-r4 > > > udev-146-r1 > > > > > > nothing more checked. > > > > Can you paste the actual iptables rule/line that doesn''t work for you? > > > > -- Pasi > > iptables "$c" FORWARD -m state --state RELATED,ESTABLISHED -m physdev \ > --physdev-out "$vif" -j ACCEPT 2>/dev/null > > which expands to > > iptables -I FORWARD -m state --state RELATED,ESTABLISHED -m physdev \ > --physdev-out vif32.0 -j ACCEPT 2>/dev/null > > > It returns immediately if I enter this on the command promt, running from > inside the script fails. >Hmm.. do you get any errors about that iptables command in kernel "dmesg" ? I remember reading about that bridging + --physdev-out stuff being deprecated in newer kernels.. -- Pasi _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Christian Fischer
2010-Mar-08 21:17 UTC
Re: [Xen-users] Fixed for me: 3.4.2: Device 0 (vif) could not be connected. Hotplug scripts not working.
On Monday 08 March 2010, Pasi Kärkkäinen wrote:> On Mon, Mar 08, 2010 at 09:59:57PM +0100, Christian Fischer wrote: > > On Monday 08 March 2010, Pasi Kärkkäinen wrote: > > > On Mon, Mar 08, 2010 at 09:43:16PM +0100, Christian Fischer wrote: > > > > Hi Folks, > > > > > > > > hope that helps a bit. > > > > > > > > Tried 3.4.2, gentoo xen-sources-2.6.31-r10, to ran into the heavy > > > > discussed hotplug script bug. > > > > > > > > That''s (in my case) not a udev or driver problem, the problem is > > > > iptables. It hangs in frob_iptable() (vif-common.sh), the forward > > > > state rule never returns. > > > > > > > > I''ve simply commented out the handle_iptable call in vif-bridge, > > > > don''t need that because I have shorewall running. > > > > > > > > > > > > Confirmed with: > > > > > > > > xen-3.4.2 > > > > iptables-1.4.3.2 > > > > gentoo xen-sources-2.6.31-r10 > > > > gentoo xen-sources-2.6.29-r4 > > > > udev-146-r1 > > > > > > > > nothing more checked. > > > > > > Can you paste the actual iptables rule/line that doesn''t work for you? > > > > > > -- Pasi > > > > iptables "$c" FORWARD -m state --state RELATED,ESTABLISHED -m physdev \ > > --physdev-out "$vif" -j ACCEPT 2>/dev/null > > > > which expands to > > > > iptables -I FORWARD -m state --state RELATED,ESTABLISHED -m physdev \ > > --physdev-out vif32.0 -j ACCEPT 2>/dev/null > > > > > > It returns immediately if I enter this on the command promt, running from > > inside the script fails. > > Hmm.. do you get any errors about that iptables command in kernel "dmesg" ? > I remember reading about that bridging + --physdev-out stuff being > deprecated in newer kernels.. > > -- PasiNo, no errors. Christian -- _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users