port-xen: Re: Networking problems

Subject: Re: Networking problems
To: Matteo Beccati <php@beccati.com>
From: Jonathan A. Kollasch <jakllsch@kollasch.net>
List: port-xen
Date: 04/06/2006 14:19:26
--a8Wt8u1KmwUX3Y2C
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Wed, Apr 05, 2006 at 09:37:07AM +0200, Matteo Beccati wrote:
> Jonathan A. Kollasch ha scritto:
> >>The domU seems perfectly working, but I'm unable to have a working=20
> >>network configuration. If I try to ping any machine in the bridged=20
> >>network I receive DUP! answers, but the same doesn't happen when trying=
=20
> >
> >I don't get duplicate replies in my setup.
>=20
> In fact it seems very weird, and I guess that it could be related to the=
=20
> problem I'm having.
>=20
> >Some more investigation would be appreciated.  Verify that the packets
> >are flowing to the right place at all tcpdump-able interfaces, (the -e
> >flag will be useful).  Also check for appropriate entries in the ARP
> >tables of the various machines.
> >
> >I'd venture a guess that the Xen (virtual) machines are at most
> >only half of this problem.
>=20
> tcpdump on domU
> ---------------
> # tcpdump -e port smtp
> tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
> listening on xennet0, link-type EN10MB (Ethernet), capture size 96 bytes
> 09:19:27.600829 ab:00:00:50:02:f1 > 00:05:5d:e9:f4:50, ethertype IPv4=20

Ok, this wasn't obvious at first, but you're trying to use a multicast
MAC address as a unicast MAC address.

see:
http://www.mynetwatchman.com/pckidiot/chap04.htm
http://en.wikipedia.org/wiki/MAC_address

This could explain the duplicates, and other problems.

When selecting a MAC address for the virtual interface (esp. in
bridged configurations) the lower nibble of the most significant
byte should be 2, 6, A, or E (the locally administered blocks).
0, 4, 8, and C should be avoided because they are blocks IEEE
allocates from.

Also, xentools should really do sanity checks on MAC address input.

	Jonathan Kollasch

--a8Wt8u1KmwUX3Y2C
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (NetBSD)

iD8DBQFENWm9Ojx1ye3hmokRAsYIAJ45CbATb8zi+zlZAHy+esjr8xe2AACghgG1
LbJYIpbNYYLIgbhNS3KS6GI=
=tY9s
-----END PGP SIGNATURE-----

--a8Wt8u1KmwUX3Y2C--