[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] macvtap - no incoming ipv6 traffic processed on kvm host unless i start tcpdump on interface



On Wed, Apr 08, 2015 at 02:13:49PM +0200, Stefan Bauer wrote:
Dear folks,

I'm using for the first time macvtap interface for my virtual machines in bridged mode.

VM -> HOST -> Router -> INTERNET

This works fine for ipv4 connectivity.

For ipv6 my virtual machines receive appropriate v6 address from radvd but are not able to receive answer packages from outside (ping -t -6 google.de was started inside VM).

I see the ping request/response on my router:

14:10:52.147834 IP6 2a01:198:200:8350:dc8b:cd82:144e:14eb > 2a00:1450:4001:806::1018: ICMP6, echo request, seq 108, length 40
14:10:52.182073 IP6 2a00:1450:4001:806::1018 > 2a01:198:200:8350:dc8b:cd82:144e:14eb: ICMP6, echo reply, seq 108, length 40
14:10:55.179874 IP6 2a01:198:200:350::2 > 2a00:1450:4001:806::1018: ICMP6, destination unreachable, unreachable address 2a01:198:200:8350:dc8b:cd82:144e:14eb, length 88


But i do not receive the reply on the VM.

However on the KVM host - when i start a tcpdump on the macvtap interface with

root s1:~# tcpdump -ni macvtap0 ip6
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on macvtap0, link-type EN10MB (Ethernet), capture size 262144 bytes
14:12:37.134516 IP6 2a01:198:200:8350:dc8b:cd82:144e:14eb > 2a00:1450:4001:806::1018: ICMP6, echo request, seq 129, length 40
14:12:37.188529 IP6 fe80::12fe:edff:fee6:cfa > ff02::1:ff4e:14eb: ICMP6, neighbor solicitation, who has 2a01:198:200:8350:dc8b:cd82:144e:14eb, length 32
14:12:37.189040 IP6 2a01:198:200:8350:dc8b:cd82:144e:14eb > fe80::12fe:edff:fee6:cfa: ICMP6, neighbor advertisement, tgt is 2a01:198:200:8350:dc8b:cd82:144e:14eb, length 32
14:12:37.189202 IP6 2a00:1450:4001:806::1018 > 2a01:198:200:8350:dc8b:cd82:144e:14eb: ICMP6, echo reply, seq 129, length 40


packages starting to get processed and VM receives replies.
Any idea what is happening here?


I'm guessing the promiscuous modes plays its part in this field.  You
can try setting the interface to promisc mode manually using 'ip l set
$dev promisc on' and see whether that helps without starting tcpdump.
Also check sysctl -a | grep 'ipv6.*forward'.

Disclaimer: all of that ^^ is just a guess :)

Cheers,

Stefan

--
libvir-list mailing list
libvir-list redhat com
https://www.redhat.com/mailman/listinfo/libvir-list

Attachment: pgpMS7dAPE7Rc.pgp
Description: PGP signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]