WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-devel

[Xen-devel] ARP problems in -testing?

To: <xen-devel@xxxxxxxxxxxxxxxxxxxxx>
Subject: [Xen-devel] ARP problems in -testing?
From: "Ron Watkins" <xen-devel@xxxxxxxxx>
Date: Sun, 16 Jan 2005 11:42:42 -0500
Delivery-date: Sun, 16 Jan 2005 16:43:55 +0000
Envelope-to: xen+James.Bulpin@xxxxxxxxxxxx
List-archive: <http://sourceforge.net/mailarchive/forum.php?forum=xen-devel>
List-help: <mailto:xen-devel-request@lists.sourceforge.net?subject=help>
List-id: List for Xen developers <xen-devel.lists.sourceforge.net>
List-post: <mailto:xen-devel@lists.sourceforge.net>
List-subscribe: <https://lists.sourceforge.net/lists/listinfo/xen-devel>, <mailto:xen-devel-request@lists.sourceforge.net?subject=subscribe>
List-unsubscribe: <https://lists.sourceforge.net/lists/listinfo/xen-devel>, <mailto:xen-devel-request@lists.sourceforge.net?subject=unsubscribe>
Sender: xen-devel-admin@xxxxxxxxxxxxxxxxxxxxx
I'm seeing something rather unusual that I thought might be an ARP problem, but further testing appears to have ruled that out.
Scenario:  slave domains with random ARP addresses.  On a fresh start of a 
domain, it is unreachable from outside.  Pinging from Domain 0 to the slave 
domain work fine, but changes nothing.
Here's the interesting part: pinging from the slave domain to any external 
host, including Domain 0, also works... and immediately 'unsticks' the net 
connection, so that everything works as I expect it to.
This seems to happen with or without my firewalling rules.  (I disable the 
antispoof section of the 'network' script, so that the firewall rules there 
don't interfere with mine.)
My initial theory was that it's an ARP problem.  I thought the outbound 
packet was being bridged properly to the outside world, the router saw the 
arp address, and started working.   But this does not appear to be correct. 
If I add a secondary IP to the eth0 inside the virtual domain, I do indeed 
see arp requests and arp replies.
When it is in 'stuck' mode, running a tcpdump from the SLAVE domain shows 
the echo requests arriving: [ips changed to protect the morally 
questionable]:
16:36:54.694003 IP 24.0.0.10 > 69.0.0.76: icmp 40: echo request seq 2344

But there are no replies issued. After I ping the outside world, which instantly 'wakes up' the connection:
16:38:57.212284 IP 24.0.0.10 > 69.0.0.76: icmp 40: echo request seq 11816
16:38:57.212314 IP 69.0.0.76 > 24.0.0.10: icmp 40: echo reply seq 11816

This is from a brand-new download today, btw.

I am really mystified. Any suggestions?

-------------------------------------------------------
The SF.Net email is sponsored by: Beat the post-holiday blues
Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek.
It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/xen-devel