Network Problems with Linux-Bridges after update
Hi
I have a problem with using Linux-bridges on Ubuntu-Server 12.04 after upgrading on Monday 24th September. The Problem is that all incoming Packages are dropped/lost between the physical device and the bridge. I can see, by using tcpdump and pinging, that the icmp-replays hit the physical device but not the bridge. setting ´sysctl net.bridge.bridge-nf-call-iptables=0' prevents the problem and the machine has full network access again. This bug: https://bugs.launchpad.net/ubuntu/+source/procps/+bug/50093 is preventing me from using the workaround at the right place(adding it to sysctl.conf) because the machine is subject to automated shutdowns and boots (for power-saving) and there for it can not be done by hand too. For the environment: The server is a quiet minimal machine with KVM installed as host for virtual machine in a cloudenviroment (OpenNebula) and is using the bridges to create a HPC-Cluster of virtual machines with other servers in the network. Currently 2 machines are affected(one freshly installed today 27.9, the other one upgraded on 24.9). Other machines are not fully up to date(using Linux-image 3.2.0-30) and working fine. If some one can point out what is causing this problem or has a solution i would be thankful. If you need any more info I can provide this also testing is currently no problem. Thanks in advance Paul Scheller -- ubuntu-users mailing list ubuntu-users@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users |
Network Problems with Linux-Bridges after update
On Thu, 2012-09-27 at 15:50 +0200, Paul Scheller wrote:
> setting ´sysctl net.bridge.bridge-nf-call-iptables=0' prevents the > problem and the machine has full network access again. > This bug: > https://bugs.launchpad.net/ubuntu/+source/procps/+bug/50093 > is preventing me from using the workaround at the right place(adding it > to sysctl.conf) because the machine is subject to automated shutdowns > and boots (for power-saving) and there for it can not be done by hand too. The description of that bug contains a perfectly good workaround - run procps.sh twice. Just add another link to it in /etc/init.d/rc[2345].d with an appropriate name (like S40procps) and you should be good to go. Alternatively, add your own, new startup script that just does what you need, when you need it. Regards, K. -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~ Karl Auer (kauer@biplane.com.au) http://www.biplane.com.au/kauer http://www.biplane.com.au/blog GPG fingerprint: AE1D 4868 6420 AD9A A698 5251 1699 7B78 4EEE 6017 Old fingerprint: DA41 51B1 1481 16E1 F7E2 B2E9 3007 14ED 5736 F687 -- ubuntu-users mailing list ubuntu-users@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users |
Network Problems with Linux-Bridges after update
Am 27.09.2012 16:51, schrieb Karl Auer:
On Thu, 2012-09-27 at 15:50 +0200, Paul Scheller wrote: setting ´sysctl net.bridge.bridge-nf-call-iptables=0' prevents the problem and the machine has full network access again. This bug: https://bugs.launchpad.net/ubuntu/+source/procps/+bug/50093 is preventing me from using the workaround at the right place(adding it to sysctl.conf) because the machine is subject to automated shutdowns and boots (for power-saving) and there for it can not be done by hand too. The description of that bug contains a perfectly good workaround - run procps.sh twice. Just add another link to it in /etc/init.d/rc[2345].d with an appropriate name (like S40procps) and you should be good to go. Alternatively, add your own, new startup script that just does what you need, when you need it. Regards, K. Thanks for your Replay do you know if the sysctl setting gets available before the bridges get configured because my bridges get their IP via dhcp which introduces an additional 2 min delay in the already long booting time. and it seems to break the start of ´libvirt-bin -d -l' because there is no net device available for it to listen to (not yet tested) So my Question is, when is the earliest point in the boot order to load this sysctl setting successfully? I also would like to minimize the number of Workarounds applied to the Systems to ease documentation and later configuration.[1] I also would like to know what is causing the problem in the first place, for myself and maybe i need this info for documentation too. Is there any possibility to see the Package flow between the physical device and the bridge? And one more question I ask myself is why it seems to not break for other people? Regards Paul [1][OT]In my personal opinion it is also a bad habit to use a Workaround to make an other Workaround work and I would like to avoid this[/OT] -- ubuntu-users mailing list ubuntu-users@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users |
Network Problems with Linux-Bridges after update
hi,
Am Donnerstag, den 27.09.2012, 15:50 +0200 schrieb Paul Scheller: > Hi > > I have a problem with using Linux-bridges on Ubuntu-Server 12.04 after > upgrading on Monday 24th September. do you use the bridge-utils package (from the virt-host task in tasksel) ? ciao oli -- ubuntu-users mailing list ubuntu-users@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users |
Network Problems with Linux-Bridges after update
Am 28.09.2012 12:47, schrieb Oliver Grawert:
hi, Am Donnerstag, den 27.09.2012, 15:50 +0200 schrieb Paul Scheller: Hi I have a problem with using Linux-bridges on Ubuntu-Server 12.04 after upgrading on Monday 24th September. do you use the bridge-utils package (from the virt-host task in tasksel) ? ciao oli I think so, at least when looking in aptitude it is listed under tasks/virt-host with version:1.5-2ubuntu6 libvirt-bin and qemu-commen actually depend on this package so it was installed automatically. There is also no self compiled software installed and my Install Mirror is "http://de.archive.ubuntu.com/ubuntu". I have attached a ´diff broken.list working.list > diff.list' where the actual lists are simple ´dpkg -l' on a broken host and a not updated but working host if it helps you. If you need a full package list I can post it some where. Regards Paul 9,10c9,10 < ii apt 0.8.16~exp12ubuntu10.3 commandline package manager < ii apt-utils 0.8.16~exp12ubuntu10.3 package managment related utility programs --- > ii apt 0.8.16~exp12ubuntu10.2 commandline package manager > ii apt-utils 0.8.16~exp12ubuntu10.2 package managment related utility programs 32c32 < ii dbus 1.4.18-1ubuntu1.1 simple interprocess messaging system (daemon and utilities) --- > ii dbus 1.4.18-1ubuntu1 simple interprocess messaging system (daemon and utilities) 36c36 < ii dhcp3-client 4.1.ESV-R4-0ubuntu5.5 ISC DHCP server (transitional package) --- > ii dhcp3-client 4.1.ESV-R4-0ubuntu5.2 ISC DHCP server (transitional package) 52,53c52,53 < ii gnupg 1.4.11-3ubuntu2.1 GNU privacy guard - a free PGP replacement < ii gpgv 1.4.11-3ubuntu2.1 GNU privacy guard - signature verification tool --- > ii gnupg 1.4.11-3ubuntu2 GNU privacy guard - a free PGP replacement > ii gpgv 1.4.11-3ubuntu2 GNU privacy guard - signature verification tool 72,73c72,73 < ii isc-dhcp-client 4.1.ESV-R4-0ubuntu5.5 ISC DHCP client < ii isc-dhcp-common 4.1.ESV-R4-0ubuntu5.5 common files used by all the isc-dhcp* packages --- > ii isc-dhcp-client 4.1.ESV-R4-0ubuntu5.2 ISC DHCP client > ii isc-dhcp-common 4.1.ESV-R4-0ubuntu5.2 common files used by all the isc-dhcp* packages 75d74 < ii joe 3.7-2.3 user friendly full screen text editor 89,90c88,89 < ii libapt-inst1.4 0.8.16~exp12ubuntu10.3 deb package format runtime library < ii libapt-pkg4.12 0.8.16~exp12ubuntu10.3 package managment runtime library --- > ii libapt-inst1.4 0.8.16~exp12ubuntu10.2 deb package format runtime library > ii libapt-pkg4.12 0.8.16~exp12ubuntu10.2 package managment runtime library 113c112 < ii libdbus-1-3 1.4.18-1ubuntu1.1 simple interprocess messaging system (library) --- > ii libdbus-1-3 1.4.18-1ubuntu1 simple interprocess messaging system (library) 232,235c231,234 < ii linux-firmware 1.79.1 Firmware for Linux kernel drivers < ii linux-image-3.2.0-31-generic 3.2.0-31.50 Linux kernel image for version 3.2.0 on 64 bit x86 SMP < ii linux-image-server 3.2.0.31.34 Linux kernel image on Server Equipment. < ii linux-server 3.2.0.31.34 Complete Linux kernel on Server Equipment. --- > ii linux-firmware 1.79 Firmware for Linux kernel drivers > ii linux-image-3.2.0-30-generic 3.2.0-30.48 Linux kernel image for version 3.2.0 on 64 bit x86 SMP > ii linux-image-server 3.2.0.30.32 Linux kernel image on Server Equipment. > ii linux-server 3.2.0.30.32 Complete Linux kernel on Server Equipment. 281c280 < ii resolvconf 1.63ubuntu16 name server information handler --- > ii resolvconf 1.63ubuntu15 name server information handler 297c296 < ii tzdata 2012e-0ubuntu0.12.04.1 time zone and daylight-saving time data --- > ii tzdata 2012e-0ubuntu0.12.04 time zone and daylight-saving time data -- ubuntu-users mailing list ubuntu-users@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users |
Network Problems with Linux-Bridges after update
> do you know if the sysctl setting gets available before the bridges get configured because my bridges get their IP via dhcp
Â* Do you know that bridges do not require an IP address? I don’t waste an address on them. -- ubuntu-users mailing list ubuntu-users@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users |
Network Problems with Linux-Bridges after update
Am 28.09.2012 15:48, schrieb compdoc:
> do you know if the sysctl setting gets available before the bridges get configured because my bridges get their IP via dhcp Â* Do you know that bridges do not require an IP address? I don’t waste an address on them. yep I know that they in general do not require an IP address. But in this case they do need one because they are the Hosts only network devices with access to a real network and the host should also be visible to the rest of network. Actually I have 2 Bridges installed, one for each of my 2 available physical devices. This allows me to give my virtual Machines direct (no NAT) access to a Storage Network (nfs) and a separated communication Network (mainly ssh and Gridengine-daemons). This 2 Networks are also needed on the physical Hosts (for ssh and nfs). And as far as I know the bridged Ports are not allowed to be configured, apart from the configuration done by the bridge. Each bridge connects to only one physical device and a number of virtual ones. This type of configuration is described in the respective guides for KVM/libvirt networking[1]. Regards Paul [1]e.g. https://help.ubuntu.com/community/KVM/Networking and other guides An example ´brctl show' bridge nameÂ*Â*Â*Â* bridge idÂ*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â* STP enabledÂ*Â*Â*Â* interfaces br0Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â* 8000.XXXXXXXXXXXX Â*Â*Â*Â*Â* yesÂ*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â* eth0 Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â* Â* Â*Â*Â*Â*Â*Â*Â*Â*Â* Â*Â*Â* Â*Â*Â* Â*Â*Â* Â*Â*Â* Â*Â*Â* Â*Â*Â*Â* vnet0 br1Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â* 8000.XXXXXXXXXXXXÂ*Â*Â*Â*Â*Â* yesÂ*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â* eth1 Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â* Â*Â*Â*Â*Â* Â*Â*Â* Â*Â*Â* Â*Â*Â* Â*Â*Â* Â*Â*Â* Â*Â*Â*Â* vnet1 virbr0Â*Â*Â*Â*Â*Â*Â*Â*Â* 8000.000000000000Â*Â*Â*Â*Â*Â* yes ethX physical Ports (do not have IPs) vnetX Ports for virtual machine (one for each bridge and machine) virbr0 automatically created by libvirt and not used -- ubuntu-users mailing list ubuntu-users@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users |
| All times are GMT. The time now is 05:57 PM. |
VBulletin, Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.