group.of.nepali.translators team mailing list archive

Thread
Date
[Bug 1758037] Re: LTC Test- Ubuntu18.04: Starting the guest with network filter defined will fail with "cause is unknown".

To: group.of.nepali.translators@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <1758037@xxxxxxxxxxxxxxxxxx>
Date: Mon, 21 May 2018 06:58:19 -0000
Reply-to: Bug 1758037 <1758037@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
This bug was fixed in the package libvirt - 1.3.1-1ubuntu10.23

---------------
libvirt (1.3.1-1ubuntu10.23) xenial; urgency=medium

  * Fix nwfilters that set CTRL_IP_LEARNING set to dhcp failing with "An error
    occurred, but the cause is unknown" due to a buffer being too small
    for pcap with TPACKET_V3 enabled (LP: #1758037)
    - debian/patches/ubuntu/lp-1758037-nwfilter-increase-pcap-buffer-size.patch

 -- Christian Ehrhardt <christian.ehrhardt@xxxxxxxxxxxxx>  Fri, 11 May
2018 07:37:36 +0200

** Changed in: libvirt (Ubuntu Bionic)
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1758037

Title:
  LTC Test- Ubuntu18.04: Starting the guest with network filter defined
  will fail with "cause is unknown".

Status in libvirt:
  Unknown
Status in The Ubuntu-power-systems project:
  Fix Committed
Status in libvirt package in Ubuntu:
  Fix Released
Status in libvirt source package in Xenial:
  Fix Released
Status in libvirt source package in Artful:
  Fix Released
Status in libvirt source package in Bionic:
  Fix Released

Bug description:
  [Impact]

   * nwfilters were not usable if configured to use dhcp based learning

   * Fix by backporting upstream bug

  [Test Case]

   * Add the following to the interface section of a guest description in 
     libvirt:
       <filterref filter='clean-traffic'>
         <parameter name='CTRL_IP_LEARNING' value='dhcp'/>
       </filterref>
      Then start the guest.

      Bad case:
      error: Failed to start domain VM1
      error: An error occurred, but the cause is unknown

      Fixed:
      Guest starts and works.

  [Regression Potential]

   * I thought a while on this. On first sight one might say there is a 
     regression risk due to increasing the size of the buffer. This risk 
     would arise on hyperscale environments where the memory consumption per 
     guest would increase by 2*128Kb*#guest-interfaces (not much, but can 
     sum up on MANY guests).
     But then I realized that this is only true for the use case using 
     dhcpsnoop which is
     a) clearly not the most common case
     b) failing to work at all before this fix
     So there can't be anyone today with a working setup that then runs OOM, 
     due to the setup either not using the feature (=no change) or failing 
     missing this fix.
     So I actually think this mem consumption increase is not an issue in 
     terms of SRU considerations.
     Due to that the only remaining regression would be users that had a 
     self-built libpcap without TPACKET_V3 to drive a workload like the 
     above, and even then only the rather small size bump is what changes.

  [Other Info]
   
   * I have added this case and a few deeper checks on the created rules for 
     iptables to the regression tests

  ---

  == Comment: #2 - Mallesh N. Koti <magadagi@xxxxxxxxxx> - 2018-02-28
  05:02:49 ==

  Guest Xml

  =======
  ISSUE
  =======
  Defining a network filter and Starting a VM with this nwfiter in VM's xml is failing with "cause is unknown".

  ==================
  Recreation Steps
  ==================

  1. Define a network filter as:
    virsh nwfilter-define filter.xml

  2. Add nwfilter in guest xml and start guest.
    virsh start VM1

  It fails with :
  # virsh start VM1
  error: Failed to start domain VM1
  error: An error occurred, but the cause is unknown

  XML used for defining network filter:
  ```<?xml version='1.0' encoding='UTF-8'?>
  <filter chain="root" name="clean-traffic" priority="">
    <uuid>11111111-b071-6127-b4ec-111111111111</uuid>
    <filterref filter="no-mac-spoofing" /><filterref filter="no-ip-spoofing" /><filterref filter="allow-incoming-ipv4" /><filterref filter="no-arp-spoofing" /><filterref filter="qemu-announce-self" /><rule action="accept" direction="out" priority="-650" statematch="None">
      <mac protocolid="ipv4" /></rule><rule action="accept" direction="inout" priority="-500" statematch="None">
      <mac protocolid="arp" /></rule></filter>
  ```

  will be attaching the guest xml

  The issue happens with Ubuntu 18.04 host - where not able to start the
  guest with network defined with value dhcp.

  <parameter name='CTRL_IP_LEARNING' value='dhcp'/>
  .
  Found following commit is not there in 18.04 Ubuntu source. There could be some dependent commit too.  we are facing some build issue and hence not able to verify it.
  .
  https://github.com/libvirt/libvirt/commit/e62cb4a9b78c7f4499a206635fb4f06e6ac627e5
  .

To manage notifications about this bug go to:
https://bugs.launchpad.net/libvirt/+bug/1758037/+subscriptions