Ubuntu
linux package

OpenVZ Kernel: VLAN interfaces do not receive packets

Bug #235207 reported by Karoly Molnar
10
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Invalid
Medium
Unassigned
Hardy
Fix Released
Undecided
Unassigned
Intrepid
Invalid
Medium
Unassigned

Bug Description

Binary package hint: linux-image-2.6.24-17-openvz

Hi,

With the openvz kernel vlan interfaces don't work. It seems that packets are leaving the system, but packets are not received. On 1 system out of 5 one VLAN out of 7 was working so be aware that the problem not always present.

The bug is reported in the OpenVZ bugzilla and a patch is already created and it is attached to this bugreport.
http://bugzilla.openvz.org/show_bug.cgi?id=885

The patch has been tested and it fixes the problem.

If one wants to compile the kernel with the patch here's how to do it:
$ git-clone git://kernel.ubuntu.com/ubuntu/ubuntu-hardy.git openvz
$ cd openvz
Drop the patch in the openvz/debian/binary-custom.d/openvz/patchset/ folder
$ AUTOBUILD=1 NOEXTRAS=1 fakeroot debian/rules custom-binary-openvz
$ cd ..
$ sudo dpkg -i linux-image-2.6.24-19-openvz_2.6.24-19.33_i386.deb

Add DEB_BUILD_OPTIONS=parallel=N if you have more then one core and substitute N with the number of cores you'd like to use

The test I run:
The "Firewall" system runs linux-image-2.6.24-16-server kernel

Config for Firewall:
---------- /etc/network/interfaces ----------
auto vlan11
iface vlan11 inet static
    address 192.168.40.1
    netmask 255.255.255.0
    vlan-raw-device eth1
    mtu 1496

Config for Test:
---------- /etc/network/interfaces ----------
auto vlan11
iface vlan11 inet static
    address 192.168.40.10
    netmask 255.255.255.0
    vlan-raw-device eth0
    mtu 1496

Test when "Test" system runs linux-image-2.6.24-17-openvz kernel
---------- Test ----------
root@test:~# ping -c2 192.168.40.1
PING 192.168.40.1 (192.168.40.1) 56(84) bytes of data.
From 192.168.40.10 icmp_seq=1 Destination Host Unreachable
From 192.168.40.10 icmp_seq=2 Destination Host Unreachable

--- 192.168.40.1 ping statistics ---
2 packets transmitted, 0 received, +2 errors, 100% packet loss, time 1000ms
, pipe 2
----------
root@test:~# tcpdump -i vlan11 -xx
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on vlan11, link-type EN10MB (Ethernet), capture size 96 bytes
22:54:50.523218 arp who-has 192.168.40.1 tell 192.168.40.10
        0x0000: ffff ffff ffff 0007 9529 43a6 0806 0001
        0x0010: 0800 0604 0001 0007 9529 43a6 c0a8 280a
        0x0020: 0000 0000 0000 c0a8 2801
22:54:51.523163 arp who-has 192.168.40.1 tell 192.168.40.10
        0x0000: ffff ffff ffff 0007 9529 43a6 0806 0001
        0x0010: 0800 0604 0001 0007 9529 43a6 c0a8 280a
        0x0020: 0000 0000 0000 c0a8 2801
22:54:52.523154 arp who-has 192.168.40.1 tell 192.168.40.10
        0x0000: ffff ffff ffff 0007 9529 43a6 0806 0001
        0x0010: 0800 0604 0001 0007 9529 43a6 c0a8 280a
        0x0020: 0000 0000 0000 c0a8 2801

3 packets captured
3 packets received by filter
0 packets dropped by kernel
---------- Firewall ----------
root@firewall:~# tcpdump -i vlan11 -xx
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on vlan11, link-type EN10MB (Ethernet), capture size 96 bytes
22:54:50.104042 arp who-has 192.168.40.1 tell 192.168.40.10
        0x0000: ffff ffff ffff 0007 9529 43a6 0806 0001
        0x0010: 0800 0604 0001 0007 9529 43a6 c0a8 280a
        0x0020: 0000 0000 0000 c0a8 2801 ffff ffff ffff
        0x0030: ffff ffff ffff ffff
22:54:50.104099 arp reply 192.168.40.1 is-at 00:50:04:11:8c:da (oui Unknown)
        0x0000: 0007 9529 43a6 0050 0411 8cda 0806 0001
        0x0010: 0800 0604 0002 0050 0411 8cda c0a8 2801
        0x0020: 0007 9529 43a6 c0a8 280a
22:54:51.103840 arp who-has 192.168.40.1 tell 192.168.40.10
        0x0000: ffff ffff ffff 0007 9529 43a6 0806 0001
        0x0010: 0800 0604 0001 0007 9529 43a6 c0a8 280a
        0x0020: 0000 0000 0000 c0a8 2801 ffff ffff ffff
        0x0030: ffff ffff ffff ffff
22:54:51.103876 arp reply 192.168.40.1 is-at 00:50:04:11:8c:da (oui Unknown)
        0x0000: 0007 9529 43a6 0050 0411 8cda 0806 0001
        0x0010: 0800 0604 0002 0050 0411 8cda c0a8 2801
        0x0020: 0007 9529 43a6 c0a8 280a
22:54:52.103694 arp who-has 192.168.40.1 tell 192.168.40.10
        0x0000: ffff ffff ffff 0007 9529 43a6 0806 0001
        0x0010: 0800 0604 0001 0007 9529 43a6 c0a8 280a
        0x0020: 0000 0000 0000 c0a8 2801 ffff ffff ffff
        0x0030: ffff ffff ffff ffff
22:54:52.103747 arp reply 192.168.40.1 is-at 00:50:04:11:8c:da (oui Unknown)
        0x0000: 0007 9529 43a6 0050 0411 8cda 0806 0001
        0x0010: 0800 0604 0002 0050 0411 8cda c0a8 2801
        0x0020: 0007 9529 43a6 c0a8 280a

6 packets captured
6 packets received by filter
0 packets dropped by kernel

Test when Test system runs linux-image-2.6.24-16-server kernel
---------- Test ----------
root@test:~# ping -c2 192.168.40.1
PING 192.168.40.1 (192.168.40.1) 56(84) bytes of data.
64 bytes from 192.168.40.1: icmp_seq=1 ttl=64 time=2.41 ms
64 bytes from 192.168.40.1: icmp_seq=2 ttl=64 time=0.290 ms

--- 192.168.40.1 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 0.290/1.353/2.416/1.063 ms
----------
root@test:~# tcpdump -i vlan11 -xx
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on vlan11, link-type EN10MB (Ethernet), capture size 96 bytes
23:01:14.722367 arp who-has 192.168.40.1 tell 192.168.40.10
        0x0000: ffff ffff ffff 0007 9529 43a6 0806 0001
        0x0010: 0800 0604 0001 0007 9529 43a6 c0a8 280a
        0x0020: 0000 0000 0000 c0a8 2801
23:01:14.722547 arp reply 192.168.40.1 is-at 00:50:04:11:8c:da (oui Unknown)
        0x0000: 0007 9529 43a6 0050 0411 8cda 0806 0001
        0x0010: 0800 0604 0002 0050 0411 8cda c0a8 2801
        0x0020: 0007 9529 43a6 c0a8 280a 0000 0000 0000
        0x0030: 0000 0000 0000 0000
23:01:14.722578 IP 192.168.40.10 > 192.168.40.1: ICMP echo request, id 49425,
seq 1, length 64
        0x0000: 0050 0411 8cda 0007 9529 43a6 0800 4500
        0x0010: 0054 0000 4000 4001 694d c0a8 280a c0a8
        0x0020: 2801 0800 fd7b c111 0001 fa27 3a48 0ffe
        0x0030: 0a00 0809 0a0b 0c0d 0e0f 1011 1213 1415
        0x0040: 1617 1819 1a1b 1c1d 1e1f 2021 2223 2425
        0x0050: 2627 2829 2a2b 2c2d 2e2f 3031 3233 3435
23:01:14.722815 IP 192.168.40.1 > 192.168.40.10: ICMP echo reply, id 49425, seq
1, length 64
        0x0000: 0007 9529 43a6 0050 0411 8cda 0800 4500
        0x0010: 0054 0478 0000 4001 a4d5 c0a8 2801 c0a8
        0x0020: 280a 0000 057c c111 0001 fa27 3a48 0ffe
        0x0030: 0a00 0809 0a0b 0c0d 0e0f 1011 1213 1415
        0x0040: 1617 1819 1a1b 1c1d 1e1f 2021 2223 2425
        0x0050: 2627 2829 2a2b 2c2d 2e2f 3031 3233 3435
23:01:15.722395 IP 192.168.40.10 > 192.168.40.1: ICMP echo request, id 49425,
seq 2, length 64
        0x0000: 0050 0411 8cda 0007 9529 43a6 0800 4500
        0x0010: 0054 0000 4000 4001 694d c0a8 280a c0a8
        0x0020: 2801 0800 6b73 c111 0002 fb27 3a48 a005
        0x0030: 0b00 0809 0a0b 0c0d 0e0f 1011 1213 1415
        0x0040: 1617 1819 1a1b 1c1d 1e1f 2021 2223 2425
        0x0050: 2627 2829 2a2b 2c2d 2e2f 3031 3233 3435
23:01:15.722626 IP 192.168.40.1 > 192.168.40.10: ICMP echo reply, id 49425, seq
2, length 64
        0x0000: 0007 9529 43a6 0050 0411 8cda 0800 4500
        0x0010: 0054 0479 0000 4001 a4d4 c0a8 2801 c0a8
        0x0020: 280a 0000 7373 c111 0002 fb27 3a48 a005
        0x0030: 0b00 0809 0a0b 0c0d 0e0f 1011 1213 1415
        0x0040: 1617 1819 1a1b 1c1d 1e1f 2021 2223 2425
        0x0050: 2627 2829 2a2b 2c2d 2e2f 3031 3233 3435
23:01:19.716970 arp who-has 192.168.40.10 tell 192.168.40.1
        0x0000: 0007 9529 43a6 0050 0411 8cda 0806 0001
        0x0010: 0800 0604 0001 0050 0411 8cda c0a8 2801
        0x0020: 0000 0000 0000 c0a8 280a 0000 0000 0000
        0x0030: 0000 0000 0000 0000
23:01:19.717026 arp reply 192.168.40.10 is-at 00:07:95:29:43:a6 (oui Unknown)
        0x0000: 0050 0411 8cda 0007 9529 43a6 0806 0001
        0x0010: 0800 0604 0002 0007 9529 43a6 c0a8 280a
        0x0020: 0050 0411 8cda c0a8 2801

8 packets captured
8 packets received by filter
0 packets dropped by kernel
---------- Firewall ----------
root@firewall:~# tcpdump -i vlan11 -xx
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on vlan11, link-type EN10MB (Ethernet), capture size 96 bytes
23:01:14.297803 arp who-has 192.168.40.1 tell 192.168.40.10
        0x0000: ffff ffff ffff 0007 9529 43a6 0806 0001
        0x0010: 0800 0604 0001 0007 9529 43a6 c0a8 280a
        0x0020: 0000 0000 0000 c0a8 2801 ffff ffff ffff
        0x0030: ffff ffff ffff ffff
23:01:14.297868 arp reply 192.168.40.1 is-at 00:50:04:11:8c:da (oui Unknown)
        0x0000: 0007 9529 43a6 0050 0411 8cda 0806 0001
        0x0010: 0800 0604 0002 0050 0411 8cda c0a8 2801
        0x0020: 0007 9529 43a6 c0a8 280a
23:01:14.297994 IP 192.168.40.10 > 192.168.40.1: ICMP echo request, id 49425,
seq 1, length 64
        0x0000: 0050 0411 8cda 0007 9529 43a6 0800 4500
        0x0010: 0054 0000 4000 4001 694d c0a8 280a c0a8
        0x0020: 2801 0800 fd7b c111 0001 fa27 3a48 0ffe
        0x0030: 0a00 0809 0a0b 0c0d 0e0f 1011 1213 1415
        0x0040: 1617 1819 1a1b 1c1d 1e1f 2021 2223 2425
        0x0050: 2627 2829 2a2b 2c2d 2e2f 3031 3233 3435
23:01:14.298118 IP 192.168.40.1 > 192.168.40.10: ICMP echo reply, id 49425, seq
1, length 64
        0x0000: 0007 9529 43a6 0050 0411 8cda 0800 4500
        0x0010: 0054 0478 0000 4001 a4d5 c0a8 2801 c0a8
        0x0020: 280a 0000 057c c111 0001 fa27 3a48 0ffe
        0x0030: 0a00 0809 0a0b 0c0d 0e0f 1011 1213 1415
        0x0040: 1617 1819 1a1b 1c1d 1e1f 2021 2223 2425
        0x0050: 2627 2829 2a2b 2c2d 2e2f 3031 3233 3435
23:01:15.297692 IP 192.168.40.10 > 192.168.40.1: ICMP echo request, id 49425,
seq 2, length 64
        0x0000: 0050 0411 8cda 0007 9529 43a6 0800 4500
        0x0010: 0054 0000 4000 4001 694d c0a8 280a c0a8
        0x0020: 2801 0800 6b73 c111 0002 fb27 3a48 a005
        0x0030: 0b00 0809 0a0b 0c0d 0e0f 1011 1213 1415
        0x0040: 1617 1819 1a1b 1c1d 1e1f 2021 2223 2425
        0x0050: 2627 2829 2a2b 2c2d 2e2f 3031 3233 3435
23:01:15.297793 IP 192.168.40.1 > 192.168.40.10: ICMP echo reply, id 49425, seq
2, length 64
        0x0000: 0007 9529 43a6 0050 0411 8cda 0800 4500
        0x0010: 0054 0479 0000 4001 a4d4 c0a8 2801 c0a8
        0x0020: 280a 0000 7373 c111 0002 fb27 3a48 a005
        0x0030: 0b00 0809 0a0b 0c0d 0e0f 1011 1213 1415
        0x0040: 1617 1819 1a1b 1c1d 1e1f 2021 2223 2425
        0x0050: 2627 2829 2a2b 2c2d 2e2f 3031 3233 3435
23:01:19.291562 arp who-has 192.168.40.10 tell 192.168.40.1
        0x0000: 0007 9529 43a6 0050 0411 8cda 0806 0001
        0x0010: 0800 0604 0001 0050 0411 8cda c0a8 2801
        0x0020: 0000 0000 0000 c0a8 280a
23:01:19.291730 arp reply 192.168.40.10 is-at 00:07:95:29:43:a6 (oui Unknown)
        0x0000: 0050 0411 8cda 0007 9529 43a6 0806 0001
        0x0010: 0800 0604 0002 0007 9529 43a6 c0a8 280a
        0x0020: 0050 0411 8cda c0a8 2801 ffff ffff ffff
        0x0030: ffff ffff ffff ffff

8 packets captured
8 packets received by filter
0 packets dropped by kernel

Revision history for this message
Karoly Molnar (karoly-molnar) wrote :
Bug Watch Updater (bug-watch-updater)
Changed in openvz-kernel:
status: Unknown → In Progress
Revision history for this message
Cedric Schieli (cschieli) wrote :

I can confirm the problem.
The patch works for me too.

Bug Watch Updater (bug-watch-updater)
Changed in openvz-kernel:
status: In Progress → Fix Released
Daniel Hahler (blueyed)
Changed in linux:
importance: Undecided → Medium
status: New → Triaged
Revision history for this message
Martin Pitt (pitti) wrote :

Copied to hardy-updates. The new kernel was tested extensively by many people, who reported back in other bug reports. Due to lack of feedback, this particular bug was not confirmed to be tested, though. Please report back here if the bug still occurs for you with the new kernel packages, then we will reopen this bug.

Changed in linux:
status: New → Fix Released
Revision history for this message
Martin Pitt (pitti) wrote :

Tim, please apply the fix from the hardy SRU to intrepid as well.

Changed in linux:
assignee: nobody → timg-tpi
status: Triaged → Fix Committed
Revision history for this message
Tim Gardner (timg-tpi) wrote :

openvz is not applicable to Intrepid

Changed in linux:
assignee: timg-tpi → nobody
status: Fix Committed → Invalid
Revision history for this message
Lorenco Trichardt (trichalo) wrote :

I do believe that this is still happening....
Linux mail 2.6.24-21-openvz #1 SMP Wed Oct 22 02:50:53 UTC 2008 i686 GNU/Linux

Revision history for this message
Karoly Molnar (karoly-molnar) wrote :

For me this is working on several servers. What is not working for you Lorenco?

Revision history for this message
Lorenco Trichardt (trichalo) wrote : Re: [Bug 235207] Re: OpenVZ Kernel: VLAN interfaces do not receive packets

Ok, got my problem. My firewall was blocking the content *blush*

Groetnis ...
Lorenco Trichardt
<email address hidden>

---------------------------------------------
Written Today, 12 Nov 2008 at 19:08
---------------------------------------------

-----Original Message-----
From: Karoly Molnar <email address hidden>
Reply-to: Bug 235207 <email address hidden>
To: <email address hidden>
Subject: [Bug 235207] Re: OpenVZ Kernel: VLAN interfaces do not receive
packets
Date: Wed, 12 Nov 2008 14:41:16 -0000

For me this is working on several servers. What is not working for you
Lorenco?

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.