Hi I need to run libvirt without ebtables support as it results in following error while running VM.... sudo virsh start instance-0000000b error: Failed to start domain instance-0000000b error: Error while building firewall: Some rules could not be created for interface tapf733e054-fe: Failure to execute command '$EBT -t nat -A libvirt-J-tapf733e054-fe -j J-tapf733e054-fe-mac' : 'Unable to update the kernel. Two possible causes: 1. Multiple ebtables programs were executing simultaneously. The ebtables userspace tool doesn't by default support multiple ebtables programs running concurrently. The ebtables option --concurrent or a tool like flock can be used to support concurrent scripts that update the ebtables kernel tables. 2. The kernel doesn't support a certain ebtables extension, consider recompiling your kernel or insmod the extension. .'. Please help regarding this. Thanks Abhishek Jain
On 27.06.2014 13:33, abhishek jain wrote:> Hi > > I need to run libvirt without ebtables support as it results in > following error while running VM.... > > > > sudo virsh start instance-0000000b > error: Failed to start domain instance-0000000b > error: Error while building firewall: Some rules could not be created > for interface tapf733e054-fe: Failure to execute command '$EBT -t nat -A > libvirt-J-tapf733e054-fe -j J-tapf733e054-fe-mac' : 'Unable to update > the kernel. Two possible causes: > 1. Multiple ebtables programs were executing simultaneously. The ebtables > userspace tool doesn't by default support multiple ebtables programs > running > concurrently. The ebtables option --concurrent or a tool like flock > can be > used to support concurrent scripts that update the ebtables kernel > tables. > 2. The kernel doesn't support a certain ebtables extension, consider > recompiling your kernel or insmod the extension. > .'.I'd suggest reconfiguring kernel so it has CONFIG_BRIDGE_NF_EBTABLES, CONFIG_BRIDGE_EBT_T_FILTER and potentially others enabled. Michal
Thanks alot Michael. I'll test and let you know if it works. On Tue, Jul 1, 2014 at 3:04 PM, Michal Privoznik <mprivozn@redhat.com> wrote:> On 27.06.2014 13:33, abhishek jain wrote: > >> Hi >> >> I need to run libvirt without ebtables support as it results in >> following error while running VM.... >> >> >> >> sudo virsh start instance-0000000b >> error: Failed to start domain instance-0000000b >> error: Error while building firewall: Some rules could not be created >> for interface tapf733e054-fe: Failure to execute command '$EBT -t nat -A >> libvirt-J-tapf733e054-fe -j J-tapf733e054-fe-mac' : 'Unable to update >> the kernel. Two possible causes: >> 1. Multiple ebtables programs were executing simultaneously. The ebtables >> userspace tool doesn't by default support multiple ebtables programs >> running >> concurrently. The ebtables option --concurrent or a tool like flock >> can be >> used to support concurrent scripts that update the ebtables kernel >> tables. >> 2. The kernel doesn't support a certain ebtables extension, consider >> recompiling your kernel or insmod the extension. >> .'. >> > > I'd suggest reconfiguring kernel so it has CONFIG_BRIDGE_NF_EBTABLES, > CONFIG_BRIDGE_EBT_T_FILTER and potentially others enabled. > > Michal >