Bug#990642: linux-image-4.19.0-17-amd64: kernel panic on xen dom0 with Broadcom Limited NetXtreme II BCM5709
- To: Salvatore Bonaccorso <carnil@debian.org>
- Cc: 990642@bugs.debian.org
- Subject: Bug#990642: linux-image-4.19.0-17-amd64: kernel panic on xen dom0 with Broadcom Limited NetXtreme II BCM5709
- From: spi@gmxpro.de
- Date: Thu, 5 Aug 2021 13:58:50 +0200
- Message-id: <[🔎] eb85636c-a804-85b0-503c-8c8a02c49add@gmxpro.de>
- Reply-to: spi@gmxpro.de, 990642@bugs.debian.org
- In-reply-to: <YQMXjm5inBfq5FGB@eldamar.lan>
- References: <d4afa918-4200-b8d6-bdd4-b3a909fbbe20@gmxpro.de> <YOMBLQ+iXpCPURR4@eldamar.lan> <6a4f6a3b-4729-39c8-d371-56e4fa62df63@gmxpro.de> <YOn6FbUHPgdtgfwj@eldamar.lan> <d4afa918-4200-b8d6-bdd4-b3a909fbbe20@gmxpro.de> <97dd4d7a-5eaf-e0bd-bc05-686252477c4a@gmxpro.de> <YO6viagJ76xvdblJ@eldamar.lan> <8cc2246e-74d7-fda3-2b89-a925e7b3c7f3@gmxpro.de> <YQMXjm5inBfq5FGB@eldamar.lan> <d4afa918-4200-b8d6-bdd4-b3a909fbbe20@gmxpro.de>
In preparation for the bug report for upstream I did some more
investigation.
The kernel panic also occurs without bonding interfaces but needs much
more time to happen. With a bonding interface it happens within some
seconds. Without bonding interfaces it needs like a minute with the
network discovery being re-launched for 2 or 3 times. The kernel panic
is still the same about the bnx2 driver.
In the constellation without a bonding interface the kernel panic only
occurs if
- opnsense as a domU is running (this domU bounds all bridged interfaces
as default gateway for all networks)
- sysctl parameter net.bridge.bridge-nf-call-ip6tables is set to 0.
If both conditions are not met no kernel panic oaccurs.
Other IPv6 related sysctl parameters are set on dom0 like
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1
The layer2-iptables settings are
net.bridge.bridge-nf-call-ip6tables = 0 ***
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-arptables = 0
As said, if I don't set the one marked with *** to 0 there is no kernel
panic.
I wonder if this still is a kernel issue but still wouldn't expect a
kernel panic to happen.
Cheers,
spi
Reply to: