IP forwarding regression since 3.0-rc6

From: Stephan Seitz
Date: Mon Jul 25 2011 - 08:59:57 EST

Next message: Wang Sheng-Hui: "[PATCH] jbd: change the field "b_cow_tid" of struct journal_headfrom type unsigned to tid_t"
Previous message: Paolo Bonzini: "Re: [GIT PULL] Native Linux KVM tool for 3.1"
Next in thread: Maciej Rutecki: "Re: IP forwarding regression since 3.0-rc6"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi!

Since 3.0-rc6 I see that my Linux router is losing packets. I can see them tracing the internal interface, but I donât see them on the external interface. I can reproduce the problem while using tin with news.individual.de. At the startup when tin checks every newsgroup from the server, many packets are suddenly not routed anymore but are dropped, so tin hangs until it quits with a NNTP error.
All kernels until 3.0-rc5 are working.

Hardware:
- 2x Realtek Semiconductor Co., Ltd. RTL8111/8168B PCI Express Gigabit Ethernet controller

Sofware:
- Debian Testing, 64bit, with Xen 4.1.0

System:
Dom0 (Debian Testing, 64bit) is my working system. The two NICs have each their own bridge interface. One bridge interface (A) has an internal IP address (IPv4 and IPv6) of my internal network. The other bridge (B) doesnât have a IP address in Dom0. The DomU is connected to the two bridges.
DomU (Debian Testing, 64bit) is my iptables firewall system with Bind, Squid, and other services. The interface connected to bridge A has an internal IP addresses (gateway for my internal network). The interface connected to bridge B is used for PPPoE (the NIC is directly connected to my DSL modem).

Kernels:
Dom0 has had all kernel versions from 3.0-rcX and is running 3.0 at the moment.
DomU has had the same kernel versions but is running 3.0-rc5 at the moment because of the network problems in newer kernels.

Long problem description:
From Dom0 I use tin to read different newsserver. One of them is news.individual.de. The first time after DomU switched kernel to -rc6 I started tin (connecting to the mentioned news server) and tin hung while reading groups from the newsrc and stopped with a NNTP connection error.
Since the problem didnât vanish, I wrote a mail to the support team of the news server. They told me that I was the only one with a connection problem and asked me to try the connection from another client. I tried it from my vServer, and it worked. So the problem had to be in my setup.

I traced in Dom0 (bridge A), DomU (bridge A) und DomU (ppp0) and noticed that all packets generated in Dom0 were visible in DomU bridge A. But not all of the packets were visisble at the ppp0 interface. So my DomU was dropping packets and the connection between tin in Dom0 and the news server failed.

So I tried older kernels and noticed that 3.0-rc5 in DomU was working, but rc6 and newer were not. The kernel configuration was the same for all 3.0 kernels.

Since I donât know which maintainer I should contact with my problem, Iâll write directly to lkml.

Thanks for your help.

Shade and sweet water!

Stephan

PS: Please CC me, because Iâm not subscribed.

--
| Stephan Seitz E-Mail: stse@xxxxxxxxxxxxxxxxxxx |
| PGP Public Keys: http://fsing.rootsland.net/~stse/pgp.html |

Attachment: signature.asc
Description: Digital signature

Next message: Wang Sheng-Hui: "[PATCH] jbd: change the field "b_cow_tid" of struct journal_headfrom type unsigned to tid_t"
Previous message: Paolo Bonzini: "Re: [GIT PULL] Native Linux KVM tool for 3.1"
Next in thread: Maciej Rutecki: "Re: IP forwarding regression since 3.0-rc6"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]