Please take note that the fix that I supplied does nothing about
addressing this issue because it should not be an issue.
First of all, the fix I supplied only deals with error:
libvirtError: internal error '/sbin/iptables --table filter --delete INPUT --in-interface virbr0 --protocol udp --destination-port 69 --jump ACCEPT' exited with non-zero status 1 and signal 0: iptables: Bad rule (does a matching rule exist in that chain?).
This other error that Alle is getting:
error: internal error '/sbin/iptables --table mangle --delete POSTROUTING --out-interface virbr0 --protocol udp --destination-port 68 --jump CHECKSUM --checksum-fill' exited with non-zero status 2 and signal 0: iptables v1.4.4: unknown option `--checksum-fill'
Try `iptables -h' or 'iptables --help' for more information.
is not an actual error condition in the libvrit (0.8.3-1ubuntu14) that I
am looking at. The only code that I can find that tries to add a
checksum rule for port 68 is in networkAddIptablesRules() in the file
src/network/bridge_driver.c:
if ((network->def->ipAddress || network->def->nranges) && (iptablesAddOutputFixUdpChecksum(driver->iptables, network->def->bridge, 68) != 0)) { VIR_WARN("Could not add rule to fixup DHCP response checksums " "on network '%s'.", network->def->name); VIR_WARN0("May need to update iptables package & kernel to support CHECKSUM rule.");
}
Note that failure of iptablesAddOutputFixUdpChecksum() only emits
warnings.
The actual error string that Alle is seeing comes from virRunWithHook()
which is called to through the following sequence of functions:
which propagates an error back up the stack to networkAddIptablesRules()
but per the above code snippet, the error is discarded and a couple of
warning messages have been printed.
At this point, seeing as there are two different issues in this one
ticket, I would suggest that Alle open a new ticket covering the second
issue.
I suspect that Alle's network is failing to come up for a reason other
than the message he is seeing and the message that he sees just happens
to be the last message printed. I have been fooled by libvirt's lack of
printing error messages and misunderstanding that the last message it
did print is not in fact what was causing the failure.
I would suggest that Alle runs libvirtd in the foreground with some
debug/verbosity perhaps to get to the real root of his problem.
On Thu, 2011-02-03 at 21:04 +0000, Serge Hallyn wrote: libvirt. org/git/ ?p=libvirt. git;a=commitdif f;h=fd5b15ff1a2 ec37e75609c0915 22ae1e2c74c811 bugs.gentoo. org/334921.
> (If it did in fact fail, then I'll revert the offending patch
> http://
> as per http://
Please take note that the fix that I supplied does nothing about
addressing this issue because it should not be an issue.
First of all, the fix I supplied only deals with error:
libvirtError: internal error '/sbin/iptables --table filter --delete INPUT --in-interface virbr0 --protocol udp --destination-port 69 --jump ACCEPT' exited with non-zero status 1 and signal 0: iptables: Bad rule (does a matching rule exist in that chain?).
This other error that Alle is getting:
error: internal error '/sbin/iptables --table mangle --delete POSTROUTING --out-interface virbr0 --protocol udp --destination-port 68 --jump CHECKSUM --checksum-fill' exited with non-zero status 2 and signal 0: iptables v1.4.4: unknown option `--checksum-fill'
Try `iptables -h' or 'iptables --help' for more information.
is not an actual error condition in the libvrit (0.8.3-1ubuntu14) that I lesRules( ) in the file bridge_ driver. c:
am looking at. The only code that I can find that tries to add a
checksum rule for port 68 is in networkAddIptab
src/network/
if ((network- >def->ipAddress || network- >def->nranges) &&
(iptablesAddOu tputFixUdpCheck sum(driver- >iptables,
network- >def->bridge, 68) != 0)) {
VIR_WARN( "Could not add rule to fixup DHCP response checksums "
"on network '%s'.", network- >def->name) ;
VIR_WARN0( "May need to update iptables package & kernel to support CHECKSUM rule.");
}
Note that failure of iptablesAddOutp utFixUdpChecksu m() only emits
warnings.
The actual error string that Alle is seeing comes from virRunWithHook()
which is called to through the following sequence of functions:
iptablesAddOutp utFixUdpChecksu m ixUdpChecksum veRule
iptablesOutputF
iptablesAddRemo
virRun
virRunWithHook
which propagates an error back up the stack to networkAddIptab lesRules( )
but per the above code snippet, the error is discarded and a couple of
warning messages have been printed.
At this point, seeing as there are two different issues in this one
ticket, I would suggest that Alle open a new ticket covering the second
issue.
I suspect that Alle's network is failing to come up for a reason other
than the message he is seeing and the message that he sees just happens
to be the last message printed. I have been fooled by libvirt's lack of
printing error messages and misunderstanding that the last message it
did print is not in fact what was causing the failure.
I would suggest that Alle runs libvirtd in the foreground with some
debug/verbosity perhaps to get to the real root of his problem.