This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


Re: [Xen-users] trouble with TCP?

To: Kees Cook <kees@xxxxxxxxxxx>
Subject: Re: [Xen-users] trouble with TCP?
From: Nivedita Singhvi <niv@xxxxxxxxxx>
Date: Tue, 21 Jun 2005 12:35:43 -0700
Cc: xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date: Tue, 21 Jun 2005 19:34:47 +0000
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <20050621180436.GD23152@xxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <20050621180436.GD23152@xxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mozilla Thunderbird 0.8 (X11/20041020)
Kees Cook wrote:
Hi! I've built a xen domain without bridging, and it seems that tcp is broken. ICMP works fine (I can ping either end), but TCP doesn't ACK in the xen client. I found one mention this on the mailing list back in March, but it didn't have an answer. I watched the communication in ethereal, and the client simply ignored the SYN,ACK packets from the host.

Can you tell where they were being dropped? Was netstat -s showing
anything?  Have you tried different TCP apps? ftp, hping, rsync, ssh?
Are you running IPSec or some other filtering?

I'm running:
Linux host #1 Sun May 22 11:38:50 BST 2005 i686 GNU/Linux

I'm intentionally isolating my xen clients, but I need them to talk to the host. What sort of diagnostics can I provide to help track this down?


This is usually caused by a misconfiguration of the firewall
or having some needed port not open.

Could you collect the ethereal or tcpdump trace of that happening, and also
ifconfig, netstat -tan, netstat -s, sysctl -a, ip show rule, output?


Xen-users mailing list

<Prev in Thread] Current Thread [Next in Thread>