James Youngman
2007-Mar-11 13:52 UTC
[Xen-users] Xen3, dom0=Linux, domU=NetBSD-3.1, ping OK, but no UDP/TCP
I am able to ping both ways between the dom0 and domU hosts, but TCP
does not seem to work. Packets are getting through:
dom0="orbital"
domU="scamp"
1. I can ssh from domU to dom0; the connection shows in netstat on
dom0 as ESTABLISHED, but the sshd process on the dom0 side hangs
forever trying to read data.
2. I can ping both ways between the two machines, however. I can also
ping another host on the same Ethernet segment (the router, in fact).
3. Traceroute from domU to dom0 works. Also from dom0 to domU. 1 hop
only, both ways. But note that while tcpdump sends UDP packets, it
only needs to receive ICMP packets.
4. I can perform DNS lookups, using as a server another machine on the
same physical segment as the dom0 box.
5. Networking on the dom0 box appears to work normally (with the
exception of being able to communicate with the domU guest).
Here is some configuration information.
A. First, the domU config file:
# cat /etc/xen/vmNetBSD_1.config
# Start of configuration file.
name ="vmNetBSD_1"
kernel = "/var/vserver/Xen/kernels/netbsd-XEN3_DOMU"
root = "/dev/wd0d"
memory = 128
disk =
[''file:/var/vserver/Xen/images/vm-NetBSD_1-root.img,0x03,w'',
''file:/var/vserver/Xen/images/vm-NetBSD_1-swap.img,0x04,w''
]
# network
vif = [ ''bridge=xenbr0'' ]
# End of configuration file.
B. The guest list
# xm list
Name ID Mem(MiB) VCPUs State Time(s)
Domain-0 0 873 2 r----- 371.9
vmNetBSD_1 9 128 1 -b---- 2.1
C. The bridge:
#
# brctl show
bridge name bridge id STP enabled interfaces
xenbr0 8000.feffffffffff no vif0.0
peth0
vif9.0
D. Network setup on the dom0 box:
# ifconfig
eth0 Link encap:Ethernet HWaddr 00:A0:C9:0F:5C:80
inet addr:192.168.15.42 Bcast:192.168.15.255 Mask:255.255.255.0
inet6 addr: fe80::2a0:c9ff:fe0f:5c80/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1969 errors:0 dropped:0 overruns:0 frame:0
TX packets:2016 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1284927 (1.2 MiB) TX bytes:346377 (338.2 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:119 errors:0 dropped:0 overruns:0 frame:0
TX packets:119 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:18388 (17.9 KiB) TX bytes:18388 (17.9 KiB)
peth0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
UP BROADCAST RUNNING NOARP MTU:1500 Metric:1
RX packets:2094 errors:0 dropped:0 overruns:0 frame:0
TX packets:2133 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1300287 (1.2 MiB) TX bytes:350978 (342.7 KiB)
vif0.0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
UP BROADCAST RUNNING NOARP MTU:1500 Metric:1
RX packets:2016 errors:0 dropped:0 overruns:0 frame:0
TX packets:1969 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:346377 (338.2 KiB) TX bytes:1284927 (1.2 MiB)
vif9.0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
UP BROADCAST RUNNING NOARP MTU:1500 Metric:1
RX packets:56 errors:0 dropped:0 overruns:0 frame:0
TX packets:73 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:2745 (2.6 KiB) TX bytes:5904 (5.7 KiB)
xenbr0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
inet6 addr: fe80::200:ff:fe00:0/64 Scope:Link
UP BROADCAST RUNNING NOARP MTU:1500 Metric:1
RX packets:28 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1424 (1.3 KiB) TX bytes:0 (0.0 b)
# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.15.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
0.0.0.0 192.168.15.1 0.0.0.0 UG 0 0 0 eth0
# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT 0 -- anywhere anywhere PHYSDEV
match --physdev-in vif9.0
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
# lsmod | grep ip
ip_conntrack 49856 0
nfnetlink 7448 1 ip_conntrack
iptable_filter 3872 1
ip_tables 13892 1 iptable_filter
x_tables 14084 2 xt_physdev,ip_tables
ipv6 229088 24
E. Network setup on the domU box:-
# netstat -rn
Routing tables
Internet:
Destination Gateway Flags Refs Use Mtu Interface
default 192.168.15.1 UGS 0 0 - xennet0
127/8 127.0.0.1 UGRS 0 0 33192 lo0
127.0.0.1 127.0.0.1 UH 1 26 33192 lo0
192.168.15/24 link#2 UC 2 0 - xennet0
192.168.15.1 00:13:10:29:10:c8 UHLc 1 15 - xennet0
192.168.15.42 00:a0:c9:0f:5c:80 UHLc 0 22 - xennet0
XNS:
Destination Gateway Flags Refs Use Mtu Interface
ISO:
Destination Gateway Flags Refs Use Mtu Interface
X.25:
Destination Gateway Flags Refs Use Mtu Interface
AppleTalk:
Destination Gateway Flags Refs Use Mtu Interface
Internet6:
Destination Gateway
Flags Refs Use Mtu Interface
::/104 ::1 UGRS
0 0 - lo0 =>
::/96 ::1 UGRS
0 0 - lo0
::1 ::1 UH
12 2 33192 lo0
::127.0.0.0/104 ::1 UGRS
0 0 - lo0
::224.0.0.0/100 ::1 UGRS
0 0 - lo0
::255.0.0.0/104 ::1 UGRS
0 0 - lo0
::ffff:0.0.0.0/96 ::1 UGRS
0 0 - lo0
2002::/24 ::1 UGRS
0 0 - lo0
2002:7f00::/24 ::1 UGRS
0 0 - lo0
2002:e000::/20 ::1 UGRS
0 0 - lo0
2002:ff00::/24 ::1 UGRS
0 0 - lo0
fe80::/10 ::1 UGRS
0 0 - lo0
fe80::%lo0/64 fe80::1%lo0 U
0 0 - lo0
fe80::1%lo0 link#1 UHL
0 0 - lo0
fe80::%xennet0/64 link#2 UC
0 0 - xennet0
fe80::216:3eff:fe71:c1bb%xennet0 00:16:3e:71:c1:bb UHL
0 0 - lo0
fec0::/10 ::1 UGRS
0 0 - lo0
ff01::/32 ::1 UC
0 0 - lo0
ff02::%lo0/32 ::1 UC
0 0 - lo0
ff02::%xennet0/32 link#2 UC
0 0 - xennet0
# ifconfig -a
lo0: flags=8009<UP,LOOPBACK,MULTICAST> mtu 33192
inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
xennet0: flags=8863<UP,BROADCAST,NOTRAILERS,RUNNING,SIMPLEX,MULTICAST> mtu
1500
address: 00:16:3e:71:c1:bb
inet 192.168.15.10 netmask 0xffffff00 broadcast 192.168.15.255
inet6 fe80::216:3eff:fe71:c1bb%xennet0 prefixlen 64 scopeid 0x2
f. The long guest list
# xm list --long
(domain
(domid 0)
(uuid 00000000-0000-0000-0000-000000000000)
(vcpus 2)
(cpu_weight 1.0)
(memory 873)
(shadow_memory 0)
(maxmem 873)
(features )
(name Domain-0)
(on_poweroff destroy)
(on_reboot restart)
(on_crash restart)
(state r-----)
(shutdown_reason poweroff)
(cpu_time 399.350477433)
(online_vcpus 2)
)
(domain
(domid 9)
(uuid 9e74c1d1-a291-11d9-5ae6-5c75b2aedc8b)
(vcpus 1)
(cpu_weight 1.0)
(memory 128)
(shadow_memory 0)
(maxmem 128)
(features )
(name vmNetBSD_1)
(on_poweroff destroy)
(on_reboot restart)
(on_crash restart)
(image
(linux
(kernel /var/vserver/Xen/kernels/netbsd-XEN3_DOMU)
(root /dev/wd0d)
)
)
(device
(vif
(backend 0)
(script vif-bridge)
(bridge xenbr0)
(mac 00:16:3e:71:c1:bb)
)
)
(device
(vbd
(backend 0)
(dev 0x03:disk)
(uname file:/var/vserver/Xen/images/vm-NetBSD_1-root.img)
(mode w)
)
)
(device
(vbd
(backend 0)
(dev 0x04:disk)
(uname file:/var/vserver/Xen/images/vm-NetBSD_1-swap.img)
(mode w)
)
)
(state -b----)
(shutdown_reason poweroff)
(cpu_time 2.481514878)
(online_vcpus 1)
(up_time 1122.03251195)
(start_time 1173620019.34)
(store_mfn 86152)
(console_mfn 86151)
)
.. any ideas? Any evidence I should have included?
James.
_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users
James Youngman
2007-Mar-11 15:20 UTC
[Xen-users] Re: Xen3, dom0=Linux, domU=NetBSD-3.1, ping OK, but no UDP/TCP
On 3/11/07, James Youngman <jay@gmail.com> wrote:> I am able to ping both ways between the dom0 and domU hosts, but TCP > does not seem to work. Packets are getting through: > > dom0="orbital" > domU="scamp" > > 1. I can ssh from domU to dom0; the connection shows in netstat on > dom0 as ESTABLISHED, but the sshd process on the dom0 side hangs > forever trying to read data. > > 2. I can ping both ways between the two machines, however. I can also > ping another host on the same Ethernet segment (the router, in fact).Hmm, it appears to be a checksum problem (incorrect checksum for packets leaving dom0 and going to domU), but I don''t know what to do about it. Suggestions? orbital:~# tcpdump -vv -i eth0 tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes 15:18:47.752952 IP (tos 0x0, ttl 64, id 63, offset 0, flags [DF], proto: TCP (6), length: 64) scamp.65527 > orbital.ssh: S, cksum 0x3aa9 (correct), 1369213480:1369213480(0) win 32768 <mss 1460,nop,wscale 0,sackOK,nop,nop,nop,nop,timestamp 0 0> 15:18:47.753709 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto: TCP (6), length: 52) orbital.ssh > scamp.65527: S, cksum 0xf518 (correct), 1241685437:1241685437(0) ack 1369213481 win 5840 <mss 1460,nop,nop,sackOK,nop,wscale 7> 15:18:47.753000 IP (tos 0x0, ttl 64, id 64, offset 0, flags [DF], proto: TCP (6), length: 40) scamp.65527 > orbital.ssh: ., cksum 0xc98e (correct), 1:1(0) ack 1 win 33580 15:18:47.765901 IP (tos 0x0, ttl 64, id 42119, offset 0, flags [DF], proto: TCP (6), length: 71) orbital.ssh > scamp.65527: P, cksum 0x9fbe (incorrect (-> 0x24c5), 1:32(31) ack 1 win 46 15:18:50.764513 IP (tos 0x0, ttl 64, id 42120, offset 0, flags [DF], proto: TCP (6), length: 71) orbital.ssh > scamp.65527: P, cksum 0x9fbe (incorrect (-> 0x24c5), 1:32(31) ack 1 win 46 15:18:54.070083 IP (tos 0x0, ttl 64, id 65, offset 0, flags [DF], proto: TCP (6), length: 40) scamp.65527 > orbital.ssh: F, cksum 0xc98d (correct), 1:1(0) ack 1 win 33580 15:18:54.071377 IP (tos 0x0, ttl 64, id 42121, offset 0, flags [DF], proto: TCP (6), length: 40) orbital.ssh > scamp.65527: F, cksum 0x4c6c (correct), 32:32(0) ack 2 win 46 15:18:54.071899 IP (tos 0x0, ttl 64, id 66, offset 0, flags [DF], proto: TCP (6), length: 52) scamp.65527 > orbital.ssh: ., cksum 0xc3b5 (correct), 2:2(0) ack 1 win 33580 <nop,nop,sack 1 {32:33}> 15:18:55.544536 IP (tos 0x0, ttl 64, id 3078, offset 0, flags [DF], proto: TCP (6), length: 71) orbital.ssh > scamp.65528: P, cksum 0x9fbe (incorrect (-> 0x0741), 1141107199:1141107230(31) ack 2789412035 win 46 15:18:56.764528 IP (tos 0x0, ttl 64, id 42122, offset 0, flags [DF], proto: TCP (6), length: 71) orbital.ssh > scamp.65527: P, cksum 0x9fbe (incorrect (-> 0x24c4), 1:32(31) ack 2 win 46 10 packets captured 10 packets received by filter 0 packets dropped by kernel _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users