This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


Re: [Xen-users] trouble with TCP?

To: Kees Cook <kees@xxxxxxxxxxx>
Subject: Re: [Xen-users] trouble with TCP?
From: Nivedita Singhvi <niv@xxxxxxxxxx>
Date: Tue, 21 Jun 2005 15:28:16 -0700
Cc: xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date: Tue, 21 Jun 2005 22:27:32 +0000
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <20050621222018.GB26871@xxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <20050621180436.GD23152@xxxxxxxxxxx> <42B86C0F.2000202@xxxxxxxxxx> <20050621222018.GB26871@xxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mozilla Thunderbird 0.8 (X11/20041020)
Kees Cook wrote:
On Tue, Jun 21, 2005 at 12:35:43PM -0700, Nivedita Singhvi wrote:

Can you tell where they were being dropped? Was netstat -s showing
anything?  Have you tried different TCP apps? ftp, hping, rsync, ssh?
Are you running IPSec or some other filtering?

I'm not running any ipsec, or iptables. I'm not sure what to look for out of netstat -s. (See attached.) I didn't try other TCP apps, since it seemed to be down in the kernel (no ACK coming back).

Looks like you need to add a default route on domU.

Could you fix that and try again?


This is usually caused by a misconfiguration of the firewall
or having some needed port not open.

That's what I had hoped, and I've trimmed it down to bare metal now. Originally I thought it was just related to bridging, and I totally removed that from the equation.

Could you collect the ethereal or tcpdump trace of that happening, and also
ifconfig, netstat -tan, netstat -s, sysctl -a, ip show rule, output?

Sure! See attached. It's got two directories, with the output from all mentioned commands (and route -n) along with xenU.pcap and xen0.pcap. To me, it just looks like xenU is just plain ignoring the SYN,ACK that comes in. :(


Xen-users mailing list

Xen-users mailing list

<Prev in Thread] Current Thread [Next in Thread>