Литницкий Александр
2008-Mar-31 13:04 UTC
[Xen-users] arp who-has packets not seen in Dom0 even by tcpdump
Hi all, I''m running Xen-3.2 and linux-image-2.6.18 as Dom0 kernel on a VT-x processor. The problem is that broadcast arp who-has packets are not seen in Dom0 kernel. I''ve tried both precompiled debian kernel and compiled latest one from sources as described at http://lists.xensource.com/archives/html/xen-users/2008-01/msg00699.html There is no linux bridge invoked, xend-config has (network-script network-dummy) There is no firewall invoked: iptables -vnL shows nothing, polices are ACCEPT. arptables is also empty. There are no DomU running. ( actually i''ve tested both hvmloader with knoppix liveCD and vanilla paravit_ops linux-2.24 kernel but it changes nothing regarding this issue) The temporary work-around was to add static arp entry at the router, but i really need to get arp-who has working! Linux-running router has vlan interface named breeze. I run "arping 10.5.5.1 -i breeze" and "tcpdump -nn -i breeze port \! 22 -e" shows: 16:31:03.725312 00:16:76:c5:a3:14 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: arp who-has 10.5.5.1 tell 10.5.5.254 16:31:04.729177 00:16:76:c5:a3:14 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: arp who-has 10.5.5.1 tell 10.5.5.254 tcpdump on xen server shows nothing. If i plug the same cable from xen server into any other server - i can see those packets. When i boot xen server using usual linux kernel (not xenified ) - i see those packets. Ethernet card used in xen server is 04:00.0 Ethernet controller: Intel Corporation 80003ES2LAN Gigabit Ethernet Controller (Copper) (rev 01) and e1000 driver is used. In other direction arp is working ok. From Xen server: breeze:~# tcpdump -nn -i lan1 -e arp tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on lan1, link-type EN10MB (Ethernet), capture size 96 bytes 16:35:27.082508 00:30:48:62:d3:4a > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: arp who-has 10.5.5.254 tell 10.5.5.1 16:35:27.083213 00:16:76:c5:a3:14 > 00:30:48:62:d3:4a, ethertype ARP (0x0806), length 60: arp reply 10.5.5.254 is-at 00:16:76:c5:a3:14 Is it a bug in xen or e1000 driver? how can i debug it and what additional info can i provide? Will be thankful for any tips, cause I''m really stuck with this issue for about a couple of days. Should i mention that i''ve already searched through all the web? Best Regards, -- Litnitchii Alexander Information Security Engineer HORS B.V. http://www.horse21.net _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Литницкий Александр
2008-Mar-31 14:19 UTC
[Xen-users] arp who-has packets not seen in Dom0 even by tcpdump
Hi all, I''m running Xen-3.2 and linux-image-2.6.18 as Dom0 kernel on a VT-x processor. The problem is that broadcast arp who-has packets are not seen in Dom0 kernel. I''ve tried both precompiled debian kernel and compiled latest one from sources as described at http://lists.xensource.com/archives/html/xen-users/2008-01/msg00699.html There is no linux bridge invoked, xend-config has (network-script network-dummy) There is no firewall invoked: iptables -vnL shows nothing, polices are ACCEPT. arptables is also empty. There are no DomU running. ( actually i''ve tested both hvmloader with knoppix liveCD and vanilla paravit_ops linux-2.24 kernel but it changes nothing regarding this issue) The temporary work-around was to add static arp entry at the router, but i really need to get arp-who has working! Linux-running router has vlan interface named breeze. I run "arping 10.5.5.1 -i breeze" and "tcpdump -nn -i breeze port \! 22 -e" shows: 16:31:03.725312 00:16:76:c5:a3:14 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: arp who-has 10.5.5.1 tell 10.5.5.254 16:31:04.729177 00:16:76:c5:a3:14 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: arp who-has 10.5.5.1 tell 10.5.5.254 tcpdump on xen server shows nothing. If i plug the same cable from xen server into any other server - i can see those packets. When i boot xen server using usual linux kernel (not xenified ) - i see those packets. Ethernet card used in xen server is 04:00.0 Ethernet controller: Intel Corporation 80003ES2LAN Gigabit Ethernet Controller (Copper) (rev 01) and e1000 driver is used. In other direction arp is working ok. From Xen server: breeze:~# tcpdump -nn -i lan1 -e arp tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on lan1, link-type EN10MB (Ethernet), capture size 96 bytes 16:35:27.082508 00:30:48:62:d3:4a > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: arp who-has 10.5.5.254 tell 10.5.5.1 16:35:27.083213 00:16:76:c5:a3:14 > 00:30:48:62:d3:4a, ethertype ARP (0x0806), length 60: arp reply 10.5.5.254 is-at 00:16:76:c5:a3:14 Is it a bug in xen or e1000 driver? how can i debug it and what additional info can i provide? Will be thankful for any tips, cause I''m really stuck with this issue for about a couple of days. Should i mention that i''ve already searched through all the web? Best Regards, -- Litnitchii Alexander Information Security Engineer HORS B.V. http://www.horse21.net _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Igor Chubin
2008-Mar-31 23:46 UTC
Re: [Xen-users] arp who-has packets not seen in Dom0 even by tcpdump
On Mo, Mär 31, 2008 at 06:19:30 +0400, Литницкий Александр wrote:> Hi all, > I''m running Xen-3.2 and linux-image-2.6.18 as Dom0 kernel on a VT-x > processor. The problem is that broadcast arp who-has packets are not > seen in Dom0 kernel. I''ve tried both precompiled debian kernel and...> > Is it a bug in xen or e1000 driver? how can i debug it and what > additional info can i provide?can you take new e1000 module sources [1] and rebuild it? [1] http://e1000.sourceforge.net/ -- WBR, i.m.chubin _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Литницкий Александр
2008-Apr-01 05:47 UTC
Re: [Xen-users] arp who-has packets not seen in Dom0 even by tcpdump (Solved)
Hello Igor, Thanks for the advice - it really helped! I compiled the latest available e1000 driver version 7.6.15.5 , copied it instead of existing one, then depmod -a /etc/init.d/networking stop; rmmod e1000; sleep 1; modprobe e1000; /etc/init.d/networking start Now arp-who has broadcast packest does reach Dom0 :) Good luck! Igor Chubin wrote:> On Mo, Mär 31, 2008 at 06:19:30 +0400, Литницкий Александр wrote: > >> Hi all, >> I''m running Xen-3.2 and linux-image-2.6.18 as Dom0 kernel on a VT-x >> processor. The problem is that broadcast arp who-has packets are not >> seen in Dom0 kernel. I''ve tried both precompiled debian kernel and >> > ... > >> Is it a bug in xen or e1000 driver? how can i debug it and what >> additional info can i provide? >> > > > can you take new e1000 module sources [1] > and rebuild it? > > [1] http://e1000.sourceforge.net/ > >-- Litnitchii Alexander Information Security Engineer HORS B.V. http://www.horse21.net _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users