1

I have a ubuntu system running 12.10

I am using KVM and have configured a bridge for the virtual machines, which is using nat forwarding. I am having problems with the connection dropping out periodically sometimes it stays up for a few days sometimes a few minutes.

I have disabled the bridge to resolve the issue but its still happening, I tried doing a manual dhcp release and renew which works sometimes, it gets me a new ip and im away again but i noticed that my ip is not updated when i run ifconfig or in kvm connection settings.

/etc/interfaces

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet dhcp

#auto br0
#iface br0 inet dhcp
#    bridge_ports eth0
#    bridge_stp off
#    bridge_fd 0
#    bridge_maxwait 0

ifconfig

eth0      Link encap:Ethernet  HWaddr 38:60:77:aa:aa:aa  
      inet addr:10.0.0.137  Bcast:10.0.0.255  Mask:255.255.255.0
      UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
      RX packets:52068 errors:0 dropped:0 overruns:0 frame:0
      TX packets:10900 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:1000 
      RX bytes:12322071 (12.3 MB)  TX bytes:2494188 (2.4 MB)

lo        Link encap:Local Loopback  
      inet addr:127.0.0.1  Mask:255.0.0.0
      UP LOOPBACK RUNNING  MTU:16436  Metric:1
      RX packets:2651 errors:0 dropped:0 overruns:0 frame:0
      TX packets:2651 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:0 
      RX bytes:402096 (402.0 KB)  TX bytes:402096 (402.0 KB)

virbr0    Link encap:Ethernet  HWaddr f6:94:09:8f:7b:b5  
      inet addr:192.168.122.1  Bcast:192.168.122.255  Mask:255.255.255.0
      UP BROADCAST MULTICAST  MTU:1500  Metric:1
      RX packets:0 errors:0 dropped:0 overruns:0 frame:0
      TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:0 
      RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

sudo dhcpclient -r -v 

Internet Systems Consortium DHCP Client 4.2.4
Copyright 2004-2012 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/

Listening on LPF/virbr0/f6:94:09:8f:7b:b5
Sending on   LPF/virbr0/f6:94:09:8f:7b:b5
Listening on LPF/eth0/38:60:77:aa:aa:aa
Sending on   LPF/eth0/38:60:77:aa:aa:aa
Sending on   Socket/fallback
DHCPRELEASE on eth0 to 10.0.0.254 port 67

sudo dhcpclient -v

Internet Systems Consortium DHCP Client 4.2.4
Copyright 2004-2012 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/

Listening on LPF/virbr0/f6:94:09:8f:7b:b5
Sending on   LPF/virbr0/f6:94:09:8f:7b:b5
Sending on   Socket/fallback
DHCPDISCOVER on virbr0 to 255.255.255.255 port 67 interval 3
DHCPDISCOVER on virbr0 to 255.255.255.255 port 67 interval 5
DHCPDISCOVER on virbr0 to 255.255.255.255 port 67 interval 9
DHCPDISCOVER on virbr0 to 255.255.255.255 port 67 interval 15

At the moment the only way I know to recover from this state is to unplug the network cable and restart

UPDATE

When the connection drops out I have had some success running sudo dhclient -v without dropping the address first.

dhclient -v 

Internet Systems Consortium DHCP Client 4.2.4
Copyright 2004-2012 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/

Listening on LPF/virbr0/96:a2:d6:f5:30:fc
Sending on   LPF/virbr0/96:a2:d6:f5:30:fc
Listening on LPF/eth0/38:60:77:aa:aa:aa
Sending on   LPF/eth0/38:60:77:aa:aa:aa
Sending on   Socket/fallback
DHCPDISCOVER on virbr0 to 255.255.255.255 port 67 interval 3
DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 3
DHCPREQUEST of 10.0.0.129 on eth0 to 255.255.255.255 port 67
DHCPOFFER of 10.0.0.129 from 10.0.0.254
DHCPACK of 10.0.0.129 from 10.0.0.254
bound to 10.0.0.129 -- renewal in 5716 seconds.

here I can see I am being leased 10.0.0.129 but ifconfig still displays 10.0.0.137

eth0      Link encap:Ethernet  HWaddr 38:60:77:82:a8:61  
      inet addr:10.0.0.137  Bcast:10.0.0.255  Mask:255.255.255.0
      UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
      RX packets:312183 errors:0 dropped:0 overruns:0 frame:0
      TX packets:85529 errors:0 dropped:1 overruns:0 carrier:0
      collisions:0 txqueuelen:1000 
      RX bytes:80808972 (80.8 MB)  TX bytes:20479979 (20.4 MB)

lo        Link encap:Local Loopback  
      inet addr:127.0.0.1  Mask:255.0.0.0
      UP LOOPBACK RUNNING  MTU:16436  Metric:1
      RX packets:3910 errors:0 dropped:0 overruns:0 frame:0
      TX packets:3910 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:0 
      RX bytes:461047 (461.0 KB)  TX bytes:461047 (461.0 KB)

virbr0    Link encap:Ethernet  HWaddr 96:a2:d6:f5:30:fc  
      inet addr:192.168.122.1  Bcast:192.168.122.255  Mask:255.255.255.0
      UP BROADCAST MULTICAST  MTU:1500  Metric:1
      RX packets:0 errors:0 dropped:0 overruns:0 frame:0
      TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:0 
      RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
Improve this question
5
  • What type of network card do you have?
    – oo.
    Commented Mar 22, 2013 at 18:35
  • lspci | egrep -i --color 'network|ethernet' 05:00.0 Network controller: Ralink corp. RT5390 Wireless 802.11n 1T/1R PCIe 06:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8111/8168B PCI Express Gigabit Ethernet controller (rev 06)
    – Alex Edwards
    Commented Mar 22, 2013 at 18:37
  • maybe I should disable that wireless card as i'm not using that
    – Alex Edwards
    Commented Mar 22, 2013 at 18:38
  • can you post the output of tail -f /var/log/syslog? and a tcpdump of networkmanager while the connection gets lost? (best on pastebin.com )
    – rubo77
    Commented Mar 25, 2013 at 20:18
  • @rubo77 will do, it could be a while its been well behaved today!
    – Alex Edwards
    Commented Mar 25, 2013 at 20:47

4 Answers 4

Reset to default
1

I'm genuinely surprised that no one has mentioned the obvious answer -

Drop DHCP and use static IP addressing. You can continue with NAT ETC, just don't assign the IP's from the DHCP pool, but in the same subnet and everything should work reliably and predictably.

All you need to do to enable static IP addressing is change

auto eth0
iface eth0 inet dhcp

to 

auto eth0
address X.X.X.X
iface eth0 inet static
netmask 255.255.255.0  
gateway X.X.X.Y

Making sure the gateway is the address assigned by KVM (if you do a /sbin/route -n it will show you the default gateway - thats the IP address to use).

Improve this answer
1
  • good static ip explanation for bridging
    – Thufir
    Commented Nov 28, 2017 at 13:59
0

Shot in the dark:

ethX isn't supposed to DHCP anything.

From a machine based on Proxmox, the ifconfig result (with vmbr0 bridging to eth1 (the only real, connected NIC, because it is gbit)) I get is:

eth0      Link encap:Ethernet  HWaddr 00:30:67:4f:48:57  
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
          Interrupt:27 Base address:0x4000 

eth1      Link encap:Ethernet  HWaddr 54:e6:fc:80:06:9b  
          inet6 addr: fe80::56e6:fcff:fe80:69b/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:209503 errors:0 dropped:0 overruns:0 frame:0
          TX packets:22361 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:46807271 (44.6 MiB)  TX bytes:1558940 (1.4 MiB)
          Interrupt:16 Base address:0x8000 

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:24031 errors:0 dropped:0 overruns:0 frame:0
          TX packets:24031 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:2462584 (2.3 MiB)  TX bytes:2462584 (2.3 MiB)

venet0    Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  
          inet6 addr: fe80::1/128 Scope:Link
          UP BROADCAST POINTOPOINT RUNNING NOARP  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:3 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

vmbr0     Link encap:Ethernet  HWaddr 54:e6:fc:80:06:9b  
          inet addr:192.168.1.4  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::56e6:fcff:fe80:69b/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:196981 errors:0 dropped:0 overruns:0 frame:0
          TX packets:10585 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:43275844 (41.2 MiB)  TX bytes:784636 (766.2 KiB)

Best I've got so far.

Improve this answer
2
  • well I have disabled the bridge which is br0, when this is enabled eth0 has no ip it appears on br0, but I still get the same connection dropout issues. virbr0 is something kvm created, I think this is the nat for the virtual hosts which get externally addressable ips when they are running but this config is without any vm's running.
    – Alex Edwards
    Commented Mar 22, 2013 at 15:57
  • Ya. It was a shot in the dark, and far too long to be a comment to the question. I figured it might spark some ideas that might lead you to the correct result. I hope you figure it out, or that someone else knows the answer.
    – killermist
    Commented Mar 22, 2013 at 16:57
0

Another shot in the dark:

you could try to disable IPv6 control in Networkmanager: set it from Method:"Automatic" to Method "Ignore"

that solved this kind of problem to me once.

if that doesen't work, you should examin the output of

tail -f /var/log/syslog

while the connection gets lost and reconnects

another hint can be gained by examining a tcpdump of networkmanager

Improve this answer
1
  • ipv6 should already be disabled I have net.ipv6.conf.all.disable_ipv6=1, net.ipv6.conf.default.disable_ipv6=1, net.ipv6.conf.lo.disable_ipv6=1, in my sysctl.conf file
    – Alex Edwards
    Commented Mar 25, 2013 at 19:48
0

If you're using a bridge to connect your VMs to the same network as eth0, you should generally not need to do any NATing. You should only need to perform the following five steps:

  • Configure your hypervisor to use the appropriate bridge interface. KVM is just something provided by the kernel. A hypervisor may use that to implement a virtual machine. If the hypervisor is set to use virbr0 but you configured br0, you will of course have issues. It seems that virbr0 is what your hypervisor set up automagically, so at this point you only need to make sure your VMs use that interface (I would assume that is already done) and that eth0 has been added to it (i.e., sudo brctl addif virbr0 eth0)
  • Make sure all the relevant links are up (i.e., sudo ip link set dev eth0 up; sudo ip link set dev virbr0 up). Prefer ip from the iproute2 package; ifconfig from the net-tools package is long deprecated, though it should work still for something so basic.
  • Enable IP forwarding in the kernel (i.e., sysctl net.ipv4.ip_forward=1)

  • Set your firewall to allow the bridged traffic. If you're not particularly picky or concerned about people sending arbitrary traffic to your VMs, you can just do the following to allow any traffic through:

    • If bridged traffic is visible to iptables (i.e., net.bridge.bridge-nf-call-iptables = 1):
      • Flush the iptables FORWARD chain (iptables -F FORWARD) in table filter.
      • Set its policy to ACCEPT (iptables -P FORWARD ACCEPT).
      • Make sure you're not doing filtering in any other tables (which you shouldn't, as it isn't their purpose).
    • If bridged traffic is visible to arptables (i.e., net.bridge.bridge-nf-call-arptables = 1), you'll need to do something similar to the above for the IN and OUT chains in table filter (the only table in fact).
    • Again, do something similar for ebtables. No need to check whether a certain sysctl is set, it is always relevant for bridged traffic.

    I have omitted the details for the last two since it's quite unlikely that you're system has any configuration there. You may not even have them installed on your system, in which case you can just skip those steps.

  • Make sure you're not ARP proxying. You probably don't need need it (e.g., for something completely unrelated to this question) and are probably not doing it, so just sudo sysctl net.ipv4.conf.all.proxy_arp=0. If you are bridging, you shouldn't proxy ARP for such a simple example.

To my knowledge, there is no such thing as "NAT forwarding". Did you just mean plain IP forwarding (not the same thing as ethernet bridging either)? Did you mean port forwarding? Just forwarding the bootps (67) and bootpc (68) ports (used by the DHCP server and client respectively) and NATing everything else is a very queer setup and will make debugging things hard.

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .