Xen users - Jun 2007 - Ping dom0 <-> domU result in "Destination host unreachable"

Hi folks, 

I read quite some posts about "Destination host unreachable" problems
before, but none could help me to solve my issue. So here we go:

This is what I am using:

SUSE Linux Enterprise Desktop 10 SP1 - Current with all updates

Network configuration of my dom0:

foobar:~ # ip a
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast
qlen 1000
    link/ether 00:18:de:be:ea:03 brd ff:ff:ff:ff:ff:ff
3: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:17:08:45:14:f7 brd ff:ff:ff:ff:ff:ff
    inet 192.168.130.170/24 brd 255.255.255.255 scope global eth0
    inet6 fe80::217:8ff:fe45:14f7/64 scope link
       valid_lft forever preferred_lft forever
4: sit0: <NOARP> mtu 1480 qdisc noop
    link/sit 0.0.0.0 brd 0.0.0.0
5: vif0.0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop
    link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff
6: veth0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop
    link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
    inet 192.168.130.170/24 brd 255.255.255.255 scope global veth0
7: vif0.1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop
    link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff
8: veth1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop
    link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
9: vif0.2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop
    link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff
10: veth2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop
    link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
11: vif0.3: <BROADCAST,MULTICAST> mtu 1500 qdisc noop
    link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff
12: veth3: <BROADCAST,MULTICAST> mtu 1500 qdisc noop
    link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
13: xenbr0: <BROADCAST,NOARP,UP> mtu 1500 qdisc noqueue
    link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff
    inet6 fe80::200:ff:fe00:0/64 scope link
       valid_lft forever preferred_lft forever
14: vif1.0: <BROADCAST,NOARP,UP> mtu 1500 qdisc pfifo_fast qlen 32
    link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff
    inet6 fe80::fcff:ffff:feff:ffff/64 scope link
       valid_lft forever preferred_lft forever
15: vif2.0: <BROADCAST,NOARP,UP> mtu 1500 qdisc pfifo_fast qlen 32
    link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff
    inet6 fe80::fcff:ffff:feff:ffff/64 scope link
       valid_lft forever preferred_lft forever
foobar:~ #                                   

foobar:~ # brctl show
bridge name     bridge id               STP enabled     interfaces
xenbr0          8000.feffffffffff       no              vif1.0
                                                        vif2.0
foobar:~ #

Options set in xend-config.sxp:

foobar:~ # cat /etc/xen/xend-config.sxp | grep "^[^#]"
(xen-api-server ((unix none)))
(xend-unix-server yes)
(xend-relocation-hosts-allow ''^localhost$
^localhost\\.localdomain$'')
(network-script network-bridge)
(vif-script vif-bridge)
(dom0-min-mem 512)
(dom0-cpus 1)
(vncpasswd '''')
foobar:~ #

No changes to network-bridge or vif-bridge yet. 

dom1:

sles10nagios:~ # ip a
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:16:3e:34:fd:a6 brd ff:ff:ff:ff:ff:ff
    inet 192.168.130.171/24 brd 192.168.130.255 scope global eth0
    inet6 fe80::216:3eff:fe34:fda6/64 scope link
       valid_lft forever preferred_lft forever
3: sit0: <NOARP> mtu 1480 qdisc noop
    link/sit 0.0.0.0 brd 0.0.0.0

dom2:

sles10mini:~ # ip a
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:16:3e:34:72:85 brd ff:ff:ff:ff:ff:ff
    inet 192.168.130.172/24 brd 192.168.130.255 scope global eth0
    inet6 fe80::216:3eff:fe34:7285/64 scope link
       valid_lft forever preferred_lft forever
3: sit0: <NOARP> mtu 1480 qdisc noop
    link/sit 0.0.0.0 brd 0.0.0.0
sles10mini:~ #

Ping dom1 from localhost:

foobar:~ # ping 192.168.130.171
PING 192.168.130.171 (192.168.130.171) 56(84) bytes of data.
From 192.168.130.170: icmp_seq=1 Destination Host Unreachable
From 192.168.130.170 icmp_seq=1 Destination Host Unreachable
From 192.168.130.170 icmp_seq=2 Destination Host Unreachable
From 192.168.130.170 icmp_seq=3 Destination Host Unreachable

--- 192.168.130.171 ping statistics ---
5 packets transmitted, 0 received, +4 errors, 100% packet loss, time 4018ms
, pipe 3
foobar:~ #

Ping dom2 from localhost:

foobar:~ # ping 192.168.130.172
PING 192.168.130.172 (192.168.130.172) 56(84) bytes of data.
From 192.168.130.170: icmp_seq=1 Destination Host Unreachable
From 192.168.130.170 icmp_seq=1 Destination Host Unreachable
From 192.168.130.170 icmp_seq=2 Destination Host Unreachable
From 192.168.130.170 icmp_seq=3 Destination Host Unreachable

--- 192.168.130.172 ping statistics ---
4 packets transmitted, 0 received, +4 errors, 100% packet loss, time 3008ms
, pipe 3
foobar:~ #

Ping xend host from dom1:

sles10nagios:~ # ping 192.168.130.170
PING 192.168.130.170 (192.168.130.170) 56(84) bytes of data.
From 192.168.130.171: icmp_seq=1 Destination Host Unreachable
From 192.168.130.171 icmp_seq=1 Destination Host Unreachable
From 192.168.130.171 icmp_seq=2 Destination Host Unreachable
From 192.168.130.171 icmp_seq=3 Destination Host Unreachable

--- 192.168.130.170 ping statistics ---
5 packets transmitted, 0 received, +4 errors, 100% packet loss, time 4014ms
, pipe 3
sles10nagios:~ #

Ping dom2 from dom1:

sles10nagios:~ # ping 192.168.130.172
PING 192.168.130.172 (192.168.130.172) 56(84) bytes of data.
64 bytes from 192.168.130.172: icmp_seq=1 ttl=64 time=0.257 ms
64 bytes from 192.168.130.172: icmp_seq=2 ttl=64 time=0.142 ms
64 bytes from 192.168.130.172: icmp_seq=3 ttl=64 time=0.139 ms
64 bytes from 192.168.130.172: icmp_seq=4 ttl=64 time=0.141 ms

--- 192.168.130.172 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 2999ms
rtt min/avg/max/mdev = 0.139/0.169/0.257/0.052 ms
sles10nagios:~ #

Ping xend host from dom2:

sles10mini:~ # ping 192.168.130.170
PING 192.168.130.170 (192.168.130.170) 56(84) bytes of data.
From 192.168.130.172: icmp_seq=1 Destination Host Unreachable
From 192.168.130.172 icmp_seq=1 Destination Host Unreachable
From 192.168.130.172 icmp_seq=2 Destination Host Unreachable
From 192.168.130.172 icmp_seq=3 Destination Host Unreachable

--- 192.168.130.170 ping statistics ---
5 packets transmitted, 0 received, +4 errors, 100% packet loss, time 4013ms
, pipe 3
sles10mini:~ #

Ping dom1 from dom2:

sles10mini:~ # ping 192.168.130.171
PING 192.168.130.171 (192.168.130.171) 56(84) bytes of data.
64 bytes from 192.168.130.171: icmp_seq=1 ttl=64 time=0.161 ms
64 bytes from 192.168.130.171: icmp_seq=2 ttl=64 time=0.137 ms
64 bytes from 192.168.130.171: icmp_seq=3 ttl=64 time=0.139 ms
64 bytes from 192.168.130.171: icmp_seq=4 ttl=64 time=0.144 ms

--- 192.168.130.171 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 2998ms
rtt min/avg/max/mdev = 0.137/0.145/0.161/0.012 ms
sles10mini:~ #

iptables settings look like

foobar:~ # iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere            PHYSDEV match
--physdev-in vif1.0
ACCEPT     all  --  anywhere             anywhere            PHYSDEV match
--physdev-in vif2.0

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
foobar:~ #

depending on of the domU''s are started or not.

What I found strange, is that a peth isn''t displayed at all in my ip a
output. Is this the result of renaming the eth devices while setting up
vethX? I saw also in some posts that xenbr0 was assigned an ip address.
Tried that as well and also set a routing entry for it but my domU''s
don''t
wanna talk to the outsite. 

Has anyone an idea what could cause this problem?

Regards, 

Sascha

This email was Anti Virus checked by Astaro Security Gateway.
http://www.astaro.com


_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

Hi, 

peth wasn''t created because of active NetworkManager. After switching
to traditional ifup everything works like a charm.

Regards, 

Sascha
>>> "Sascha Wehnert" <swehnert@britco.de> 06/25/07
12:47 PM >>>
Hi folks, 

I read quite some posts about "Destination host unreachable" problems
before, but none could help me to solve my issue. So here we go:

This is what I am using:

SUSE Linux Enterprise Desktop 10 SP1 - Current with all updates

Network configuration of my dom0:

foobar:~ # ip a
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast
qlen 1000
    link/ether 00:18:de:be:ea:03 brd ff:ff:ff:ff:ff:ff
3: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:17:08:45:14:f7 brd ff:ff:ff:ff:ff:ff
    inet 192.168.130.170/24 brd 255.255.255.255 scope global eth0
    inet6 fe80::217:8ff:fe45:14f7/64 scope link
       valid_lft forever preferred_lft forever
4: sit0: <NOARP> mtu 1480 qdisc noop
    link/sit 0.0.0.0 brd 0.0.0.0
5: vif0.0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop
    link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff
6: veth0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop
    link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
    inet 192.168.130.170/24 brd 255.255.255.255 scope global veth0
7: vif0.1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop
    link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff
8: veth1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop
    link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
9: vif0.2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop
    link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff
10: veth2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop
    link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
11: vif0.3: <BROADCAST,MULTICAST> mtu 1500 qdisc noop
    link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff
12: veth3: <BROADCAST,MULTICAST> mtu 1500 qdisc noop
    link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
13: xenbr0: <BROADCAST,NOARP,UP> mtu 1500 qdisc noqueue
    link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff
    inet6 fe80::200:ff:fe00:0/64 scope link
       valid_lft forever preferred_lft forever
14: vif1.0: <BROADCAST,NOARP,UP> mtu 1500 qdisc pfifo_fast qlen 32
    link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff
    inet6 fe80::fcff:ffff:feff:ffff/64 scope link
       valid_lft forever preferred_lft forever
15: vif2.0: <BROADCAST,NOARP,UP> mtu 1500 qdisc pfifo_fast qlen 32
    link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff
    inet6 fe80::fcff:ffff:feff:ffff/64 scope link
       valid_lft forever preferred_lft forever
foobar:~ #                                   

foobar:~ # brctl show
bridge name     bridge id               STP enabled     interfaces
xenbr0          8000.feffffffffff       no              vif1.0
                                                        vif2.0
foobar:~ #

Options set in xend-config.sxp:

foobar:~ # cat /etc/xen/xend-config.sxp | grep "^[^#]"
(xen-api-server ((unix none)))
(xend-unix-server yes)
(xend-relocation-hosts-allow ''^localhost$
^localhost\\.localdomain$'')
(network-script network-bridge)
(vif-script vif-bridge)
(dom0-min-mem 512)
(dom0-cpus 1)
(vncpasswd '''')
foobar:~ #

No changes to network-bridge or vif-bridge yet. 

dom1:

sles10nagios:~ # ip a
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:16:3e:34:fd:a6 brd ff:ff:ff:ff:ff:ff
    inet 192.168.130.171/24 brd 192.168.130.255 scope global eth0
    inet6 fe80::216:3eff:fe34:fda6/64 scope link
       valid_lft forever preferred_lft forever
3: sit0: <NOARP> mtu 1480 qdisc noop
    link/sit 0.0.0.0 brd 0.0.0.0

dom2:

sles10mini:~ # ip a
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:16:3e:34:72:85 brd ff:ff:ff:ff:ff:ff
    inet 192.168.130.172/24 brd 192.168.130.255 scope global eth0
    inet6 fe80::216:3eff:fe34:7285/64 scope link
       valid_lft forever preferred_lft forever
3: sit0: <NOARP> mtu 1480 qdisc noop
    link/sit 0.0.0.0 brd 0.0.0.0
sles10mini:~ #

Ping dom1 from localhost:

foobar:~ # ping 192.168.130.171
PING 192.168.130.171 (192.168.130.171) 56(84) bytes of data.
From 192.168.130.170: icmp_seq=1 Destination Host Unreachable
From 192.168.130.170 icmp_seq=1 Destination Host Unreachable
From 192.168.130.170 icmp_seq=2 Destination Host Unreachable
From 192.168.130.170 icmp_seq=3 Destination Host Unreachable

--- 192.168.130.171 ping statistics ---
5 packets transmitted, 0 received, +4 errors, 100% packet loss, time 4018ms
, pipe 3
foobar:~ #

Ping dom2 from localhost:

foobar:~ # ping 192.168.130.172
PING 192.168.130.172 (192.168.130.172) 56(84) bytes of data.
From 192.168.130.170: icmp_seq=1 Destination Host Unreachable
From 192.168.130.170 icmp_seq=1 Destination Host Unreachable
From 192.168.130.170 icmp_seq=2 Destination Host Unreachable
From 192.168.130.170 icmp_seq=3 Destination Host Unreachable

--- 192.168.130.172 ping statistics ---
4 packets transmitted, 0 received, +4 errors, 100% packet loss, time 3008ms
, pipe 3
foobar:~ #

Ping xend host from dom1:

sles10nagios:~ # ping 192.168.130.170
PING 192.168.130.170 (192.168.130.170) 56(84) bytes of data.
From 192.168.130.171: icmp_seq=1 Destination Host Unreachable
From 192.168.130.171 icmp_seq=1 Destination Host Unreachable
From 192.168.130.171 icmp_seq=2 Destination Host Unreachable
From 192.168.130.171 icmp_seq=3 Destination Host Unreachable

--- 192.168.130.170 ping statistics ---
5 packets transmitted, 0 received, +4 errors, 100% packet loss, time 4014ms
, pipe 3
sles10nagios:~ #

Ping dom2 from dom1:

sles10nagios:~ # ping 192.168.130.172
PING 192.168.130.172 (192.168.130.172) 56(84) bytes of data.
64 bytes from 192.168.130.172: icmp_seq=1 ttl=64 time=0.257 ms
64 bytes from 192.168.130.172: icmp_seq=2 ttl=64 time=0.142 ms
64 bytes from 192.168.130.172: icmp_seq=3 ttl=64 time=0.139 ms
64 bytes from 192.168.130.172: icmp_seq=4 ttl=64 time=0.141 ms

--- 192.168.130.172 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 2999ms
rtt min/avg/max/mdev = 0.139/0.169/0.257/0.052 ms
sles10nagios:~ #

Ping xend host from dom2:

sles10mini:~ # ping 192.168.130.170
PING 192.168.130.170 (192.168.130.170) 56(84) bytes of data.
From 192.168.130.172: icmp_seq=1 Destination Host Unreachable
From 192.168.130.172 icmp_seq=1 Destination Host Unreachable
From 192.168.130.172 icmp_seq=2 Destination Host Unreachable
From 192.168.130.172 icmp_seq=3 Destination Host Unreachable

--- 192.168.130.170 ping statistics ---
5 packets transmitted, 0 received, +4 errors, 100% packet loss, time 4013ms
, pipe 3
sles10mini:~ #

Ping dom1 from dom2:

sles10mini:~ # ping 192.168.130.171
PING 192.168.130.171 (192.168.130.171) 56(84) bytes of data.
64 bytes from 192.168.130.171: icmp_seq=1 ttl=64 time=0.161 ms
64 bytes from 192.168.130.171: icmp_seq=2 ttl=64 time=0.137 ms
64 bytes from 192.168.130.171: icmp_seq=3 ttl=64 time=0.139 ms
64 bytes from 192.168.130.171: icmp_seq=4 ttl=64 time=0.144 ms

--- 192.168.130.171 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 2998ms
rtt min/avg/max/mdev = 0.137/0.145/0.161/0.012 ms
sles10mini:~ #

iptables settings look like

foobar:~ # iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere            PHYSDEV match
--physdev-in vif1.0
ACCEPT     all  --  anywhere             anywhere            PHYSDEV match
--physdev-in vif2.0

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
foobar:~ #

depending on of the domU''s are started or not.

What I found strange, is that a peth isn''t displayed at all in my ip a
output. Is this the result of renaming the eth devices while setting up
vethX? I saw also in some posts that xenbr0 was assigned an ip address.
Tried that as well and also set a routing entry for it but my domU''s
don''t
wanna talk to the outsite. 

Has anyone an idea what could cause this problem?

Regards, 

Sascha

This email was Anti Virus checked by Astaro Security Gateway.
http://www.astaro.com


_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

This email was Anti Virus checked by Astaro Security Gateway.
http://www.astaro.com



This email was Anti Virus checked by Astaro Security Gateway.
http://www.astaro.com


_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users