[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] bug: network lock-out



 On 10/05/2010 03:44 PM, Jiri Denemark wrote:
21:31:09.298: error : virRunWithHook:857 : internal error
'/usr/sbin/iptables --table mangle --insert POSTROUTING --out-interface
virbr0 --protocol udp --destination-port 68 --jump CHECKSUM
--checksum-fill' exited with non-zero status 2 and signal 0: iptables
v1.4.7: unknown option `--checksum-fill'
Try `iptables -h' or 'iptables --help' for more information.
This is harmless and ignored by libvirt. If DHCP still works in your guests,
you don't need worry about this feature. The warning below tries to suggest
the error was ignored...

Correct. The reason for this is that the only way to determine whether or not iptables supports the new CHECKSUM target is to try the command and see if it fails. Since the CHECKSUM target is in upstream iptables, it will eventually be in all distro-specific versions, so the less-than-elegant warning was deemed sufficient.

This particular rule is required to support guests that use the vhost-net module (ie kernel-based rather than userspace-based) for virtio network interfaces. Whether or not that will be needed depends on guest config, which can't be known at the time that the virtual networks are started, so we must always try to add it, then fail "semi-silently" (we continue, but first complain a little).

21:31:09.299: warning : networkAddIptablesRules:873 : Could not add rule
to fixup DHCP response checksums on network 'default'.
21:31:09.299: warning : networkAddIptablesRules:874 : May need to update
iptables package&  kernel to support CHECKSUM rule.
21:31:09.301: error : virRunWithHook:857 : internal error
'/usr/sbin/dnsmasq --strict-order --bind-interfaces
--pid-file=/var/run/libvirt/network/default.pid --conf-file=
--listen-address 10.117.9.1 --except-interface lo' exited with non-zero
status 1 and signal 0: libvir: error : cannot execute binary
/usr/sbin/dnsmasq: No such file or directory
This is the really important error for you; /usr/sbin/dnsmasq could not be
found.

That location comes from config.h, so it's determined at configure time. Apparently it found /usr/sbin/dnsmasq at configure time. Did you build on a different machine from where you're running (and maybe this new machine doesn't have dnsmasq installed? It should be in the prerequisites for your libvirt package to ensure that it's always installed when libvirt is installed).


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]