OpenVZ Kernel: VLAN interfaces do not receive packets
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux (Ubuntu) |
Invalid
|
Medium
|
Unassigned | ||
Hardy |
Fix Released
|
Undecided
|
Unassigned | ||
Intrepid |
Invalid
|
Medium
|
Unassigned |
Bug Description
Binary package hint: linux-image-
Hi,
With the openvz kernel vlan interfaces don't work. It seems that packets are leaving the system, but packets are not received. On 1 system out of 5 one VLAN out of 7 was working so be aware that the problem not always present.
The bug is reported in the OpenVZ bugzilla and a patch is already created and it is attached to this bugreport.
http://
The patch has been tested and it fixes the problem.
If one wants to compile the kernel with the patch here's how to do it:
$ git-clone git://kernel.
$ cd openvz
Drop the patch in the openvz/
$ AUTOBUILD=1 NOEXTRAS=1 fakeroot debian/rules custom-
$ cd ..
$ sudo dpkg -i linux-image-
Add DEB_BUILD_
The test I run:
The "Firewall" system runs linux-image-
Config for Firewall:
---------- /etc/network/
auto vlan11
iface vlan11 inet static
address 192.168.40.1
netmask 255.255.255.0
vlan-raw-device eth1
mtu 1496
Config for Test:
---------- /etc/network/
auto vlan11
iface vlan11 inet static
address 192.168.40.10
netmask 255.255.255.0
vlan-raw-device eth0
mtu 1496
Test when "Test" system runs linux-image-
---------- Test ----------
root@test:~# ping -c2 192.168.40.1
PING 192.168.40.1 (192.168.40.1) 56(84) bytes of data.
From 192.168.40.10 icmp_seq=1 Destination Host Unreachable
From 192.168.40.10 icmp_seq=2 Destination Host Unreachable
--- 192.168.40.1 ping statistics ---
2 packets transmitted, 0 received, +2 errors, 100% packet loss, time 1000ms
, pipe 2
----------
root@test:~# tcpdump -i vlan11 -xx
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on vlan11, link-type EN10MB (Ethernet), capture size 96 bytes
22:54:50.523218 arp who-has 192.168.40.1 tell 192.168.40.10
0x0000: ffff ffff ffff 0007 9529 43a6 0806 0001
0x0010: 0800 0604 0001 0007 9529 43a6 c0a8 280a
0x0020: 0000 0000 0000 c0a8 2801
22:54:51.523163 arp who-has 192.168.40.1 tell 192.168.40.10
0x0000: ffff ffff ffff 0007 9529 43a6 0806 0001
0x0010: 0800 0604 0001 0007 9529 43a6 c0a8 280a
0x0020: 0000 0000 0000 c0a8 2801
22:54:52.523154 arp who-has 192.168.40.1 tell 192.168.40.10
0x0000: ffff ffff ffff 0007 9529 43a6 0806 0001
0x0010: 0800 0604 0001 0007 9529 43a6 c0a8 280a
0x0020: 0000 0000 0000 c0a8 2801
3 packets captured
3 packets received by filter
0 packets dropped by kernel
---------- Firewall ----------
root@firewall:~# tcpdump -i vlan11 -xx
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on vlan11, link-type EN10MB (Ethernet), capture size 96 bytes
22:54:50.104042 arp who-has 192.168.40.1 tell 192.168.40.10
0x0000: ffff ffff ffff 0007 9529 43a6 0806 0001
0x0010: 0800 0604 0001 0007 9529 43a6 c0a8 280a
0x0020: 0000 0000 0000 c0a8 2801 ffff ffff ffff
0x0030: ffff ffff ffff ffff
22:54:50.104099 arp reply 192.168.40.1 is-at 00:50:04:11:8c:da (oui Unknown)
0x0000: 0007 9529 43a6 0050 0411 8cda 0806 0001
0x0010: 0800 0604 0002 0050 0411 8cda c0a8 2801
0x0020: 0007 9529 43a6 c0a8 280a
22:54:51.103840 arp who-has 192.168.40.1 tell 192.168.40.10
0x0000: ffff ffff ffff 0007 9529 43a6 0806 0001
0x0010: 0800 0604 0001 0007 9529 43a6 c0a8 280a
0x0020: 0000 0000 0000 c0a8 2801 ffff ffff ffff
0x0030: ffff ffff ffff ffff
22:54:51.103876 arp reply 192.168.40.1 is-at 00:50:04:11:8c:da (oui Unknown)
0x0000: 0007 9529 43a6 0050 0411 8cda 0806 0001
0x0010: 0800 0604 0002 0050 0411 8cda c0a8 2801
0x0020: 0007 9529 43a6 c0a8 280a
22:54:52.103694 arp who-has 192.168.40.1 tell 192.168.40.10
0x0000: ffff ffff ffff 0007 9529 43a6 0806 0001
0x0010: 0800 0604 0001 0007 9529 43a6 c0a8 280a
0x0020: 0000 0000 0000 c0a8 2801 ffff ffff ffff
0x0030: ffff ffff ffff ffff
22:54:52.103747 arp reply 192.168.40.1 is-at 00:50:04:11:8c:da (oui Unknown)
0x0000: 0007 9529 43a6 0050 0411 8cda 0806 0001
0x0010: 0800 0604 0002 0050 0411 8cda c0a8 2801
0x0020: 0007 9529 43a6 c0a8 280a
6 packets captured
6 packets received by filter
0 packets dropped by kernel
Test when Test system runs linux-image-
---------- Test ----------
root@test:~# ping -c2 192.168.40.1
PING 192.168.40.1 (192.168.40.1) 56(84) bytes of data.
64 bytes from 192.168.40.1: icmp_seq=1 ttl=64 time=2.41 ms
64 bytes from 192.168.40.1: icmp_seq=2 ttl=64 time=0.290 ms
--- 192.168.40.1 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 0.290/1.
----------
root@test:~# tcpdump -i vlan11 -xx
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on vlan11, link-type EN10MB (Ethernet), capture size 96 bytes
23:01:14.722367 arp who-has 192.168.40.1 tell 192.168.40.10
0x0000: ffff ffff ffff 0007 9529 43a6 0806 0001
0x0010: 0800 0604 0001 0007 9529 43a6 c0a8 280a
0x0020: 0000 0000 0000 c0a8 2801
23:01:14.722547 arp reply 192.168.40.1 is-at 00:50:04:11:8c:da (oui Unknown)
0x0000: 0007 9529 43a6 0050 0411 8cda 0806 0001
0x0010: 0800 0604 0002 0050 0411 8cda c0a8 2801
0x0020: 0007 9529 43a6 c0a8 280a 0000 0000 0000
0x0030: 0000 0000 0000 0000
23:01:14.722578 IP 192.168.40.10 > 192.168.40.1: ICMP echo request, id 49425,
seq 1, length 64
0x0000: 0050 0411 8cda 0007 9529 43a6 0800 4500
0x0010: 0054 0000 4000 4001 694d c0a8 280a c0a8
0x0020: 2801 0800 fd7b c111 0001 fa27 3a48 0ffe
0x0030: 0a00 0809 0a0b 0c0d 0e0f 1011 1213 1415
0x0040: 1617 1819 1a1b 1c1d 1e1f 2021 2223 2425
0x0050: 2627 2829 2a2b 2c2d 2e2f 3031 3233 3435
23:01:14.722815 IP 192.168.40.1 > 192.168.40.10: ICMP echo reply, id 49425, seq
1, length 64
0x0000: 0007 9529 43a6 0050 0411 8cda 0800 4500
0x0010: 0054 0478 0000 4001 a4d5 c0a8 2801 c0a8
0x0020: 280a 0000 057c c111 0001 fa27 3a48 0ffe
0x0030: 0a00 0809 0a0b 0c0d 0e0f 1011 1213 1415
0x0040: 1617 1819 1a1b 1c1d 1e1f 2021 2223 2425
0x0050: 2627 2829 2a2b 2c2d 2e2f 3031 3233 3435
23:01:15.722395 IP 192.168.40.10 > 192.168.40.1: ICMP echo request, id 49425,
seq 2, length 64
0x0000: 0050 0411 8cda 0007 9529 43a6 0800 4500
0x0010: 0054 0000 4000 4001 694d c0a8 280a c0a8
0x0020: 2801 0800 6b73 c111 0002 fb27 3a48 a005
0x0030: 0b00 0809 0a0b 0c0d 0e0f 1011 1213 1415
0x0040: 1617 1819 1a1b 1c1d 1e1f 2021 2223 2425
0x0050: 2627 2829 2a2b 2c2d 2e2f 3031 3233 3435
23:01:15.722626 IP 192.168.40.1 > 192.168.40.10: ICMP echo reply, id 49425, seq
2, length 64
0x0000: 0007 9529 43a6 0050 0411 8cda 0800 4500
0x0010: 0054 0479 0000 4001 a4d4 c0a8 2801 c0a8
0x0020: 280a 0000 7373 c111 0002 fb27 3a48 a005
0x0030: 0b00 0809 0a0b 0c0d 0e0f 1011 1213 1415
0x0040: 1617 1819 1a1b 1c1d 1e1f 2021 2223 2425
0x0050: 2627 2829 2a2b 2c2d 2e2f 3031 3233 3435
23:01:19.716970 arp who-has 192.168.40.10 tell 192.168.40.1
0x0000: 0007 9529 43a6 0050 0411 8cda 0806 0001
0x0010: 0800 0604 0001 0050 0411 8cda c0a8 2801
0x0020: 0000 0000 0000 c0a8 280a 0000 0000 0000
0x0030: 0000 0000 0000 0000
23:01:19.717026 arp reply 192.168.40.10 is-at 00:07:95:29:43:a6 (oui Unknown)
0x0000: 0050 0411 8cda 0007 9529 43a6 0806 0001
0x0010: 0800 0604 0002 0007 9529 43a6 c0a8 280a
0x0020: 0050 0411 8cda c0a8 2801
8 packets captured
8 packets received by filter
0 packets dropped by kernel
---------- Firewall ----------
root@firewall:~# tcpdump -i vlan11 -xx
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on vlan11, link-type EN10MB (Ethernet), capture size 96 bytes
23:01:14.297803 arp who-has 192.168.40.1 tell 192.168.40.10
0x0000: ffff ffff ffff 0007 9529 43a6 0806 0001
0x0010: 0800 0604 0001 0007 9529 43a6 c0a8 280a
0x0020: 0000 0000 0000 c0a8 2801 ffff ffff ffff
0x0030: ffff ffff ffff ffff
23:01:14.297868 arp reply 192.168.40.1 is-at 00:50:04:11:8c:da (oui Unknown)
0x0000: 0007 9529 43a6 0050 0411 8cda 0806 0001
0x0010: 0800 0604 0002 0050 0411 8cda c0a8 2801
0x0020: 0007 9529 43a6 c0a8 280a
23:01:14.297994 IP 192.168.40.10 > 192.168.40.1: ICMP echo request, id 49425,
seq 1, length 64
0x0000: 0050 0411 8cda 0007 9529 43a6 0800 4500
0x0010: 0054 0000 4000 4001 694d c0a8 280a c0a8
0x0020: 2801 0800 fd7b c111 0001 fa27 3a48 0ffe
0x0030: 0a00 0809 0a0b 0c0d 0e0f 1011 1213 1415
0x0040: 1617 1819 1a1b 1c1d 1e1f 2021 2223 2425
0x0050: 2627 2829 2a2b 2c2d 2e2f 3031 3233 3435
23:01:14.298118 IP 192.168.40.1 > 192.168.40.10: ICMP echo reply, id 49425, seq
1, length 64
0x0000: 0007 9529 43a6 0050 0411 8cda 0800 4500
0x0010: 0054 0478 0000 4001 a4d5 c0a8 2801 c0a8
0x0020: 280a 0000 057c c111 0001 fa27 3a48 0ffe
0x0030: 0a00 0809 0a0b 0c0d 0e0f 1011 1213 1415
0x0040: 1617 1819 1a1b 1c1d 1e1f 2021 2223 2425
0x0050: 2627 2829 2a2b 2c2d 2e2f 3031 3233 3435
23:01:15.297692 IP 192.168.40.10 > 192.168.40.1: ICMP echo request, id 49425,
seq 2, length 64
0x0000: 0050 0411 8cda 0007 9529 43a6 0800 4500
0x0010: 0054 0000 4000 4001 694d c0a8 280a c0a8
0x0020: 2801 0800 6b73 c111 0002 fb27 3a48 a005
0x0030: 0b00 0809 0a0b 0c0d 0e0f 1011 1213 1415
0x0040: 1617 1819 1a1b 1c1d 1e1f 2021 2223 2425
0x0050: 2627 2829 2a2b 2c2d 2e2f 3031 3233 3435
23:01:15.297793 IP 192.168.40.1 > 192.168.40.10: ICMP echo reply, id 49425, seq
2, length 64
0x0000: 0007 9529 43a6 0050 0411 8cda 0800 4500
0x0010: 0054 0479 0000 4001 a4d4 c0a8 2801 c0a8
0x0020: 280a 0000 7373 c111 0002 fb27 3a48 a005
0x0030: 0b00 0809 0a0b 0c0d 0e0f 1011 1213 1415
0x0040: 1617 1819 1a1b 1c1d 1e1f 2021 2223 2425
0x0050: 2627 2829 2a2b 2c2d 2e2f 3031 3233 3435
23:01:19.291562 arp who-has 192.168.40.10 tell 192.168.40.1
0x0000: 0007 9529 43a6 0050 0411 8cda 0806 0001
0x0010: 0800 0604 0001 0050 0411 8cda c0a8 2801
0x0020: 0000 0000 0000 c0a8 280a
23:01:19.291730 arp reply 192.168.40.10 is-at 00:07:95:29:43:a6 (oui Unknown)
0x0000: 0050 0411 8cda 0007 9529 43a6 0806 0001
0x0010: 0800 0604 0002 0007 9529 43a6 c0a8 280a
0x0020: 0050 0411 8cda c0a8 2801 ffff ffff ffff
0x0030: ffff ffff ffff ffff
8 packets captured
8 packets received by filter
0 packets dropped by kernel
Changed in openvz-kernel: | |
status: | Unknown → In Progress |
Changed in openvz-kernel: | |
status: | In Progress → Fix Released |
Changed in linux: | |
importance: | Undecided → Medium |
status: | New → Triaged |
I can confirm the problem.
The patch works for me too.