Problem accessing some websites

Prev: qt4 applications - font size
Next: qt4 applications - font size (solved)

From: Guillaume CHARDIN on 7 Dec 2009 12:30

---

So after some days of research I tough the problem come from xen....
I've just forgot to tell you the system was running on Xen. Really big
mistake sorry :)

I configure on my dom0 the pppoe connection and it works fine. All
wget on all websites where i have access problem works fines. It
looks like I have some packet lost between dom0 and my firewall
(inside domU).

here is the "brctl show" command if someone saw something strange, tell me.

# brctl show
bridge name bridge id STP enabled interfaces
brdmz 8000.00163e3a45d7 no veth0
vif1.0
vif3.0
vif30.1
vif4.0
brlocal 8000.00163579dcc3 no eth0
vif30.0
brnet 8000.000000000000 no



These bridges are defined by this startup script :

modprobe netloop nloopbacks=2
brctl addbr brlocal
brctl addbr brdmz
brctl addbr brnet
ip link set eth0 down
ip link set veth0 down
ip addr flush dev eth0
ip addr flush dev veth0
ip link set addr 00:16:3e:3a:45:d7 dev veth0
brctl addif brlocal eth0
brctl addif brdmz veth0
ip addr add 192.168.100.1/24 broadcast 192.168.100.255 dev brlocal
ip addr add 10.0.0.1/8 broadcast 10.255.255.255 dev brdmz
ip link set eth0 arp off
ip link set eth0 multicast off
ip link set veth0 arp off
ip link set veth0 multicast off
ip link set brlocal up
ip link set brdmz up
ip link set eth0 up
ip link set veth0 up



* brnet is not actually used
* the pppoe connection is done by this way : firewall (eth1)
--xen_bridged_to--> Dom0 (eth0) --manually-bridged-to--> physical
interface
* others vm can access this physical interface. Shutting down these
vm do not correct problem.

Thanks for your time.

--
Guillaume


--
To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org

From: Guillaume CHARDIN on 7 Dec 2009 18:10

---

Problem Solved tonight by adding this on startup :
sysctl -w "net.bridge.bridge-nf-call-iptables=0"

So netfilter on dom0 is the source of the problem... But i don't know
why just on some service/websites.




--
Guillaume


--
To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org

First  |  Prev  | 
Pages: 1 2 3
Prev: qt4 applications - font size
Next: qt4 applications - font size (solved)