On Mon, 2013-02-18 at 12:04 +0200, Gavin wrote:I've added xen-users since you also bounced this there.
> Firstly I apologise for the cross-post,
Networking level stuff is all done by the dom0 (or driver domain) kernel
> however I don't expect to get as quick a response from the package
> maintainers as I do from the Debian community, and this issue affects
> a service that I've got scheduled to go live at midnight this
> evening. :(
>
>
> A recent update from xen-hypervisor-4.1-amd64 version 4.1.3-7, to
> version 4.1.3-8 on Debian Wheezy has caused all vm's on this host to
> not receive their arp replies anymore and as such they cannot reach
> their gateways and are now isolated from the network.
>
>
> There was a more recent update as well (4.1.4-2) which I have now
> since applied however this particular issue persists.
rather than the hypervisor so it is far more likely that a kernel level
change rather than a hypervisor change would be responsible. What kernel
version are you running? Did it also change?
> The arp replies are received by the host and passed all the way up toDo you have any firewall or ebfilter entries which might have either
> the bridge (br200) being used by Xen, however they are not seen on the
> vif (vif2.0) created for the particular vm.
been discarded or reintroduced by the reboot? (i.e. a manual settings
modification which wasn't propagated to the startup scripts). Or perhaps
sysctl tweaks?
I'd certainly be tempted to try the older kernel, assuming that was also
> 1) Please let me know if I should roll-back this particular xen
> update, kernel and all, and what those steps may be, or if this is a
> known issue with a particular workaround that I can apply.
upgraded. It may even still be installed and in your grub menu already.
Without knowing what the underlying issue is it is hard to predict
> 2) Would moving to openvswitch be another possible workaround?
whether it will also affect ovs.
> My config:-
Looks correct to me.
Ian.