Lippert, Kenneth B.
2010-May-27 13:48 UTC
[Xen-users] Virtual machine not found by network
Hello All, First post to this mailing list... I am running Xen 3.0.1 on SuSE 10.1 on an AMD Opteron 64 Linux box. We have a class 3 (?) network here, by that I mean we have machines in several different subnets. The physical machine hosting XEN (dom0) has IP 123.456.8.1 (for instance) The domU is assigned 123.456.8.2. The domU MAC address is hard coded in the XEN config file which defines the domU. The gateway is defined in both to be 123.456.8.254. My virtual machine builds fine, and all seems well, but if the domU is inactive for a period of several minutes, with no network traffic, it seems the gateway forgets how to get to it. This is manifested by other machines on the local 123.456.8.* network being able to ping and get to the domU, but machines OUTSIDE the local net cannot. It is not a DNS problem , pings from 123.456.22.1 (for instance) fail even if the IP of the domU is specified (not just its name). For the time being I have applied duct tape by making a cron job on the domU that pings an outside machine every 5 minutes. Does this sound familiar to anyone? Thank you for your help. -kenn lippert Kenn Lippert Computation & Simulation Modeling, Product Manufacturing Division Alcoa Technical Center. Tel: 724-337-2691 Email: kenneth.lippert@alcoa.com _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
On Thu, May 27, 2010 at 09:48:06AM -0400, Lippert, Kenneth B. wrote:> The gateway is defined in both to be 123.456.8.254. > > My virtual machine builds fine, and all seems well, but if the domU is > inactive for a period of several minutes, with no network traffic, it > seems the gateway forgets how to get to it. This is manifested by > other machines on the local 123.456.8.* network being able to ping and > get to the domU, but machines OUTSIDE the local net cannot. It is not a > DNS problem , pings from 123.456.22.1 (for instance) fail even if the IP > of the domU is specified (not just its name).Sounds like the gateway 123.456.8.254 forgot the mac address of your domU. Do you have some weired firewall running on your domU blocking arp-who-has? Another machine with the same IP in the same broadcast domain? Rainer _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Lippert, Kenneth B.
2010-May-27 15:13 UTC
RE: [Xen-users] Virtual machine not found by network
Rainer, Thank you for your reply. No, no firewall running on the domU. No other machine with same IP (although there USED to be, we did some IP switching when this domU went to production mode several days ago). The domU''s old IP is now the dom0''s (and vice versa). We did this so that outside clients that attached to 123.456.8.2 wouldn''t have to change anything in their /etc/hosts, etc.). Update on my original email. The pinging from the domU to the outside didn''t actually help. What DOES help is another machine on the same LOCAL net pinging the domU every 5 minutes. I have not had a failure since that started. Are there XEN bridge settings that define how to respond to "arp-who-has" requests? Certainly sounds like that is the problem. -k -----Original Message----- From: xen-users-bounces@lists.xensource.com [mailto:xen-users-bounces@lists.xensource.com] On Behalf Of Rainer Sokoll Sent: Thursday, May 27, 2010 10:51 AM To: xen-users@lists.xensource.com Subject: Re: [Xen-users] Virtual machine not found by network On Thu, May 27, 2010 at 09:48:06AM -0400, Lippert, Kenneth B. wrote:> The gateway is defined in both to be 123.456.8.254. > > My virtual machine builds fine, and all seems well, but if the domU is > inactive for a period of several minutes, with no network traffic, it > seems the gateway forgets how to get to it. This is manifested by > other machines on the local 123.456.8.* network being able to ping and > get to the domU, but machines OUTSIDE the local net cannot. It is nota> DNS problem , pings from 123.456.22.1 (for instance) fail even if theIP> of the domU is specified (not just its name).Sounds like the gateway 123.456.8.254 forgot the mac address of your domU. Do you have some weired firewall running on your domU blocking arp-who-has? Another machine with the same IP in the same broadcast domain? Rainer _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Lippert, Kenneth B.
2010-May-27 15:52 UTC
RE: [Xen-users] Virtual machine not found by network
Another update..... Novell''s AppArmor WAS enabled on the domU. I disabled it, stopped all the pinging cron jobs, and have not had a failure since. Could that have been the problem? Thanks, -k -----Original Message----- From: xen-users-bounces@lists.xensource.com [mailto:xen-users-bounces@lists.xensource.com] On Behalf Of Lippert, Kenneth B. Sent: Thursday, May 27, 2010 11:13 AM To: xen-users@lists.xensource.com Subject: RE: [Xen-users] Virtual machine not found by network Rainer, Thank you for your reply. No, no firewall running on the domU. No other machine with same IP (although there USED to be, we did some IP switching when this domU went to production mode several days ago). The domU''s old IP is now the dom0''s (and vice versa). We did this so that outside clients that attached to 123.456.8.2 wouldn''t have to change anything in their /etc/hosts, etc.). Update on my original email. The pinging from the domU to the outside didn''t actually help. What DOES help is another machine on the same LOCAL net pinging the domU every 5 minutes. I have not had a failure since that started. Are there XEN bridge settings that define how to respond to "arp-who-has" requests? Certainly sounds like that is the problem. -k -----Original Message----- From: xen-users-bounces@lists.xensource.com [mailto:xen-users-bounces@lists.xensource.com] On Behalf Of Rainer Sokoll Sent: Thursday, May 27, 2010 10:51 AM To: xen-users@lists.xensource.com Subject: Re: [Xen-users] Virtual machine not found by network On Thu, May 27, 2010 at 09:48:06AM -0400, Lippert, Kenneth B. wrote:> The gateway is defined in both to be 123.456.8.254. > > My virtual machine builds fine, and all seems well, but if the domU is > inactive for a period of several minutes, with no network traffic, it > seems the gateway forgets how to get to it. This is manifested by > other machines on the local 123.456.8.* network being able to ping and > get to the domU, but machines OUTSIDE the local net cannot. It is nota> DNS problem , pings from 123.456.22.1 (for instance) fail even if theIP> of the domU is specified (not just its name).Sounds like the gateway 123.456.8.254 forgot the mac address of your domU. Do you have some weired firewall running on your domU blocking arp-who-has? Another machine with the same IP in the same broadcast domain? Rainer _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Lippert, Kenneth B.
2010-May-27 17:16 UTC
RE: [Xen-users] Virtual machine not found by network
Crap. Disabling AppArmor didn''t help, still broken. Put external machine''s crontab ping to every minute. We''ll see what happens now. Sorry for the many messages. -k -----Original Message----- From: xen-users-bounces@lists.xensource.com [mailto:xen-users-bounces@lists.xensource.com] On Behalf Of Lippert, Kenneth B. Sent: Thursday, May 27, 2010 11:53 AM To: xen-users@lists.xensource.com Subject: RE: [Xen-users] Virtual machine not found by network Another update..... Novell''s AppArmor WAS enabled on the domU. I disabled it, stopped all the pinging cron jobs, and have not had a failure since. Could that have been the problem? Thanks, -k -----Original Message----- From: xen-users-bounces@lists.xensource.com [mailto:xen-users-bounces@lists.xensource.com] On Behalf Of Lippert, Kenneth B. Sent: Thursday, May 27, 2010 11:13 AM To: xen-users@lists.xensource.com Subject: RE: [Xen-users] Virtual machine not found by network Rainer, Thank you for your reply. No, no firewall running on the domU. No other machine with same IP (although there USED to be, we did some IP switching when this domU went to production mode several days ago). The domU''s old IP is now the dom0''s (and vice versa). We did this so that outside clients that attached to 123.456.8.2 wouldn''t have to change anything in their /etc/hosts, etc.). Update on my original email. The pinging from the domU to the outside didn''t actually help. What DOES help is another machine on the same LOCAL net pinging the domU every 5 minutes. I have not had a failure since that started. Are there XEN bridge settings that define how to respond to "arp-who-has" requests? Certainly sounds like that is the problem. -k -----Original Message----- From: xen-users-bounces@lists.xensource.com [mailto:xen-users-bounces@lists.xensource.com] On Behalf Of Rainer Sokoll Sent: Thursday, May 27, 2010 10:51 AM To: xen-users@lists.xensource.com Subject: Re: [Xen-users] Virtual machine not found by network On Thu, May 27, 2010 at 09:48:06AM -0400, Lippert, Kenneth B. wrote:> The gateway is defined in both to be 123.456.8.254. > > My virtual machine builds fine, and all seems well, but if the domU is > inactive for a period of several minutes, with no network traffic, it > seems the gateway forgets how to get to it. This is manifested by > other machines on the local 123.456.8.* network being able to ping and > get to the domU, but machines OUTSIDE the local net cannot. It is nota> DNS problem , pings from 123.456.22.1 (for instance) fail even if theIP> of the domU is specified (not just its name).Sounds like the gateway 123.456.8.254 forgot the mac address of your domU. Do you have some weired firewall running on your domU blocking arp-who-has? Another machine with the same IP in the same broadcast domain? Rainer _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
have you enabled IP forwarding on Dom0 /etc/sysctl.conf On Thu, May 27, 2010 at 10:46 PM, Lippert, Kenneth B. <Kenneth.Lippert@alcoa.com> wrote:> Crap. > > Disabling AppArmor didn''t help, still broken. Put external machine''s > crontab ping to every minute. We''ll see what happens now. > > Sorry for the many messages. > > -k > > -----Original Message----- > From: xen-users-bounces@lists.xensource.com > [mailto:xen-users-bounces@lists.xensource.com] On Behalf Of Lippert, > Kenneth B. > Sent: Thursday, May 27, 2010 11:53 AM > To: xen-users@lists.xensource.com > Subject: RE: [Xen-users] Virtual machine not found by network > > Another update..... > > Novell''s AppArmor WAS enabled on the domU. I disabled it, stopped all > the pinging cron jobs, and have not had a failure since. > > Could that have been the problem? > > Thanks, > -k > > -----Original Message----- > From: xen-users-bounces@lists.xensource.com > [mailto:xen-users-bounces@lists.xensource.com] On Behalf Of Lippert, > Kenneth B. > Sent: Thursday, May 27, 2010 11:13 AM > To: xen-users@lists.xensource.com > Subject: RE: [Xen-users] Virtual machine not found by network > > Rainer, > > Thank you for your reply. > > No, no firewall running on the domU. > > No other machine with same IP (although there USED to be, we did some IP > switching when this domU went to production mode several days ago). The > domU''s old IP is now the dom0''s (and vice versa). We did this so that > outside clients that attached to 123.456.8.2 wouldn''t have to change > anything in their /etc/hosts, etc.). > > Update on my original email. The pinging from the domU to the outside > didn''t actually help. What DOES help is another machine on the same > LOCAL net pinging the domU every 5 minutes. I have not had a failure > since that started. > > Are there XEN bridge settings that define how to respond to > "arp-who-has" requests? Certainly sounds like that is the problem. > > -k > > > -----Original Message----- > From: xen-users-bounces@lists.xensource.com > [mailto:xen-users-bounces@lists.xensource.com] On Behalf Of Rainer > Sokoll > Sent: Thursday, May 27, 2010 10:51 AM > To: xen-users@lists.xensource.com > Subject: Re: [Xen-users] Virtual machine not found by network > > On Thu, May 27, 2010 at 09:48:06AM -0400, Lippert, Kenneth B. wrote: > >> The gateway is defined in both to be 123.456.8.254. >> >> My virtual machine builds fine, and all seems well, but if the domU is >> inactive for a period of several minutes, with no network traffic, it >> seems the gateway forgets how to get to it. This is manifested by >> other machines on the local 123.456.8.* network being able to ping and >> get to the domU, but machines OUTSIDE the local net cannot. It is not > a >> DNS problem , pings from 123.456.22.1 (for instance) fail even if the > IP >> of the domU is specified (not just its name). > > Sounds like the gateway 123.456.8.254 forgot the mac address of your > domU. > Do you have some weired firewall running on your domU blocking > arp-who-has? > Another machine with the same IP in the same broadcast domain? > > Rainer > > _______________________________________________ > Xen-users mailing list > Xen-users@lists.xensource.com > http://lists.xensource.com/xen-users > > _______________________________________________ > Xen-users mailing list > Xen-users@lists.xensource.com > http://lists.xensource.com/xen-users > > _______________________________________________ > Xen-users mailing list > Xen-users@lists.xensource.com > http://lists.xensource.com/xen-users > > _______________________________________________ > Xen-users mailing list > Xen-users@lists.xensource.com > http://lists.xensource.com/xen-users >-- Tapas _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users