thr3ads.net - Xen users - [Xen-users] Temporary iptables failure with xen-3.0.2-2 [May 2006]

If this information is useful, please help other people find it:
Share via:

Gabor HALASZ

2006-May-25 11:20 UTC

[Xen-users] Temporary iptables failure with xen-3.0.2-2

Hi!

When I starts my domains, the hotplug script sometimes fails. This is a 
temprorary failure, after a few seconds it works well again.

ga-k8nf-9-4:/etc/xen# xm create ApacheSERVICE
Using config file "ApacheSERVICE".
Error: Device 0 (vif) could not be connected. Hotplug scripts not working.
ga-k8nf-9-4:/etc/xen# xm create ApacheSERVICE
Using config file "ApacheSERVICE".
Started domain ApacheSERVICE

My vif configureation:

#----------------------------------------------------------------------------
vif = [
     "ip=192.168.52.4, script=vif-route netdev=dummy2",
     "ip=192.168.51.4, script=vif-route netdev=dummy1"
]
hostname="service.xxx.xx"
#----------------------------------------------------------------------------

A part of xen-hotplug.log:

+ handle_iptable
+ iptables -L -n
+ ''['' 192.168.51.4 ''!='' ''''
'']''
+ local addr
+ frob_iptable -s 192.168.51.4
+ ''['' online == online '']''
+ local c=-A
+ iptables -A FORWARD -m physdev --physdev-in vif19.1 -s 192.168.51.4 -j 
ACCEPT
+ ''['' -A == -D '']''
+ log err ''iptables -A FORWARD -m physdev --physdev-in vif19.1
-s''
''192.168.51.4 -j ACCEPT failed.
If you are using iptables, this may affect networking for guest
domains.''
+ local level=err
+ shift
+ logger -p daemon.err -- /etc/xen/scripts/vif-route: ''iptables -A 
FORWARD -m physdev --physdev-in vif19.1 -s'' ''192.168.51.4 -j
ACCEPT failed.
If you are using iptables, this may affect networking for guest
domains.''
+ frob_iptable -p udp --sport 68 --dport 67
+ ''['' online == online '']''
+ local c=-A
+ iptables -A FORWARD -m physdev --physdev-in vif19.1 -p udp --sport 68 
--dport 67 -j ACCEPT
+ ''['' -A == -D '']''
+ log err ''iptables -A FORWARD -m physdev --physdev-in vif19.1
-p'' udp
--sport 68 --dport ''67 -j ACCEPT failed.
If you are using iptables, this may affect networking for guest
domains.''
+ local level=err
+ shift
+ logger -p daemon.err -- /etc/xen/scripts/vif-route: ''iptables -A 
FORWARD -m physdev --physdev-in vif19.1 -p'' udp --sport 68 --dport
''67
-j ACCEPT failed.
If you are using iptables, this may affect networking for guest
domains.''

The xend-debug.log is empty.

Xen version 3.0.2-2 (root@xxx.xx) (gcc version 3.4.4 20050314 
(prerelease) (Debian 3.4.3-13)) Fri May 19 13:24:37 CEST 2006
Latest ChangeSet: Mon May 15 07:51:55 2006 +0100 9679:7ae0f83cf355

What can I do?

-- 
Gabor HALASZ <halasz.g@freemail.hu>

_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

Xen users - May 2006 - Temporary iptables failure with xen-3.0.2-2

[Xen-users] Temporary iptables failure with xen-3.0.2-2