From: Mark McLoughlin <markmc@redhat.com>
To: Bill Davidsen <davidsen@tmr.com>
Cc: Avi Kivity <avi@qumranet.com>,
Anthony Liguori <anthony@codemonkey.ws>,
kvm@vger.kernel.org, Herbert Xu <herbert@gondor.apana.org.au>,
Rusty Russell <rusty@rustcorp.com.au>
Subject: Re: [PATCH 0/9][RFC] KVM virtio_net performance
Date: Mon, 28 Jul 2008 07:42:29 +0100 [thread overview]
Message-ID: <1217227349.9122.7.camel@muff> (raw)
In-Reply-To: <488C7585.2050804@tmr.com>
On Sun, 2008-07-27 at 09:17 -0400, Bill Davidsen wrote:
> Avi Kivity wrote:
> > Bill Davidsen wrote:
> >>
> >> I have been discussing this (on this list) in another thread. Putting
> >> tcpdump on the eth0 device in the VM, the br0 device in the host, and
> >> the eth0 (physical NIC) in the host, you can see that when the VM
> >> generates a DHCP request it shows up on the br0 in the host, but
> >> never gets sent on the wire by eth0.
> >>
> >> That's the point of failure, at least using RHEL5/FC6/kvm-66 as the
> >> environment.
> >
> > Does playing with the bridge forward delay ('brctl setfd') help?
> >
> Update: Redhat has a user chain in iptables shared between INPUT and
> FORWARD (bad idea) which doesn't pass bootp packets by default.
Yeah, I've been trying to get that rule changed to allow all bridged
packets to be forwarded by default. See:
https://bugzilla.redhat.com/221828
> Adding
> the following rules to that table solved the DHCP for me.
>
> ACCEPT udp -- anywhere anywhere udp
> spt:bootps dpt:bootpc
> ACCEPT udp -- anywhere anywhere udp
> spt:bootpc dpt:bootps
>
> This seems to solve my problem, I just have to make it part of my "start
> kvm" procedure.
See here:
http://wiki.libvirt.org/page/Networking
in the 'Bridged networking (aka "shared physical device")' section:
# echo "-I FORWARD -m physdev --physdev-is-bridged -j ACCEPT" > /etc/sysconfig/iptables-forward-bridged
# lokkit --custom-rules=ipv4:filter:/etc/sysconfig/iptables-forward-bridged
# service libvirtd reload
Cheers,
Mark.
next prev parent reply other threads:[~2008-07-28 6:42 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-07-24 11:46 [PATCH 0/9][RFC] KVM virtio_net performance Mark McLoughlin
2008-07-24 11:46 ` [PATCH 1/9] kvm: qemu: Set MIN_TIMER_REARM_US to 150us Mark McLoughlin
2008-07-24 11:46 ` [PATCH 2/9] kvm: qemu: Fix virtio_net tx timer Mark McLoughlin
2008-07-24 11:46 ` [PATCH 3/9] kvm: qemu: Remove virtio_net tx ring-full heuristic Mark McLoughlin
2008-07-24 11:46 ` [PATCH 4/9] kvm: qemu: Add VIRTIO_F_NOTIFY_ON_EMPTY Mark McLoughlin
2008-07-24 11:46 ` [PATCH 5/9] kvm: qemu: Disable recv notifications until avail buffers exhausted Mark McLoughlin
2008-07-24 11:46 ` [PATCH 6/9] kvm: qemu: Add support for partial csums and GSO Mark McLoughlin
2008-07-24 11:46 ` [PATCH 7/9] kvm: qemu: Increase size of virtio_net rings Mark McLoughlin
2008-07-24 11:46 ` [PATCH 8/9] kvm: qemu: Drop the mutex while reading from tapfd Mark McLoughlin
2008-07-24 11:46 ` [PATCH 9/9] kvm: qemu: Eliminate extra virtio_net copy Mark McLoughlin
2008-07-24 23:33 ` [PATCH 8/9] kvm: qemu: Drop the mutex while reading from tapfd Dor Laor
2008-07-25 17:25 ` Mark McLoughlin
2008-07-24 23:22 ` [PATCH 3/9] kvm: qemu: Remove virtio_net tx ring-full heuristic Dor Laor
2008-07-25 0:30 ` Rusty Russell
2008-07-25 17:30 ` Mark McLoughlin
2008-07-25 17:23 ` Mark McLoughlin
2008-07-24 23:56 ` Dor Laor
2008-07-26 9:48 ` [PATCH 2/9] kvm: qemu: Fix virtio_net tx timer Avi Kivity
2008-07-26 12:08 ` Mark McLoughlin
2008-07-24 11:55 ` [PATCH 0/9][RFC] KVM virtio_net performance Herbert Xu
2008-07-24 16:53 ` Mark McLoughlin
2008-07-24 18:29 ` Anthony Liguori
2008-07-25 16:36 ` Mark McLoughlin
2008-07-24 20:56 ` Anthony Liguori
2008-07-25 17:17 ` Mark McLoughlin
2008-07-25 21:29 ` Dor Laor
2008-07-26 19:09 ` Bill Davidsen
2008-07-27 7:52 ` Avi Kivity
2008-07-27 12:52 ` Bill Davidsen
2008-07-27 13:17 ` Bill Davidsen
2008-07-28 6:42 ` Mark McLoughlin [this message]
2008-07-26 9:45 ` Avi Kivity
2008-07-27 6:48 ` Rusty Russell
2008-07-27 6:48 ` Rusty Russell
2008-08-11 19:56 ` Mark McLoughlin
2008-08-12 13:35 ` Avi Kivity
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1217227349.9122.7.camel@muff \
--to=markmc@redhat.com \
--cc=anthony@codemonkey.ws \
--cc=avi@qumranet.com \
--cc=davidsen@tmr.com \
--cc=herbert@gondor.apana.org.au \
--cc=kvm@vger.kernel.org \
--cc=rusty@rustcorp.com.au \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox