From owner-freebsd-xen@freebsd.org Wed Aug 3 09:25:38 2016 Return-Path: Delivered-To: freebsd-xen@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C7714BAB07D; Wed, 3 Aug 2016 09:25:38 +0000 (UTC) (envelope-from prvs=016a9660e=roger.pau@citrix.com) Received: from SMTP.CITRIX.COM (smtp.citrix.com [66.165.176.89]) (using TLSv1.2 with cipher RC4-SHA (128/128 bits)) (Client CN "mail.citrix.com", Issuer "DigiCert SHA2 Secure Server CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 0836B1F8B; Wed, 3 Aug 2016 09:25:37 +0000 (UTC) (envelope-from prvs=016a9660e=roger.pau@citrix.com) X-IronPort-AV: E=Sophos;i="5.28,465,1464652800"; d="scan'208";a="370008481" Date: Wed, 3 Aug 2016 11:24:24 +0200 From: Roger Pau =?iso-8859-1?Q?Monn=E9?= To: Julian Elischer , freebsd-current , Subject: Re: Xen networking problems in -current with xn driver? Message-ID: <20160803092424.6crhc3arij7txpzq@mac> References: <0b90d4f0-fc02-7a07-6ce1-135a61cbc352@freebsd.org> <20160803082018.jrqienhyewjjjmmb@mac> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <20160803082018.jrqienhyewjjjmmb@mac> User-Agent: Mutt/1.6.2-neo (2016-06-11) X-DLP: MIA2 X-BeenThere: freebsd-xen@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: Discussion of the freebsd port to xen - implementation and usage List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Aug 2016 09:25:38 -0000 On Wed, Aug 03, 2016 at 10:20:19AM +0200, Roger Pau Monné wrote: > On Wed, Aug 03, 2016 at 02:12:33AM +0800, Julian Elischer wrote: > > I upgraded my VPS machine to today's current, and on reboot I couldn't get > > into it by network. > > > > A quick switch to the VNC console showed that it was up but that it couldn't > > get out. > > > > > > The xn interfaces said they were UP but attempts to get out were met with > > "network is down". > > > > if I did 'tcpdump -n -i xn0' (and xn1) hten all was fine again. > > > > tcpdump saw packets, and in fact ipfw saw some packets coming in even before > > that but it was not possible to send. > > > > > > Has anyone seen similar? > > Hello, > > I've tested current less than one week ago and didn't find any issues, I'm > currently updating to see if it's something that has been introduced in the > last few days. There have also been reports of it working fine on the > freebsd-xen mailing list, but I guess there's something different with your > setup: > > https://lists.freebsd.org/pipermail/freebsd-xen/2016-July/002779.html > > > some relevant parts of the dmesg output.: > > > > > > T(vga): text 80x25 > > XEN: Hypervisor version 3.4 detected. > > CPU: Intel(R) Xeon(R) CPU E5620 @ 2.40GHz (2400.05-MHz 686-class > > CPU) > > Origin="GenuineIntel" Id=0x206c2 Family=0x6 Model=0x2c Stepping=2 > > Features=0x1781fbff > > Features2=0x80982201 > > AMD Features=0x20100000 > > AMD Features2=0x1 > > Hypervisor: Origin = "XenVMMXenVMM" > > real memory = 536870912 (512 MB) > > avail memory = 503783424 (480 MB) > > Event timer "LAPIC" quality 400 > > ACPI APIC Table: > > WARNING: L1 data cache covers less APIC IDs than a core > > 0 < 1 > > WARNING: L2 data cache covers less APIC IDs than a core > > 0 < 1 > > WARNING: L3 data cache covers less APIC IDs than a core > > 0 < 1 > > > > ipfw2 (+ipv6) initialized, divert loadable, nat enabled, default to deny, > > You seem to be using ipfw, I guess you have firewall_enable="YES" on you > rc.conf, are you also using IPv6? Anything else net related on your rc.conf? FWIW, I've added: firewall_enable="YES" firewall_type="open" To my rc.conf and I'm still not able to reproduce, this is all with IPv4. Roger.