This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


re: [Xen-users] xen, fc4, bridging, iptables and conntrack problem

Hi Paul, I subscribe to the netfilter mailing list and I saw this in a
posting by someone:-

Has anyone else seen this?  A working bridge running Fedora Core 3 fails
after an upgrade to the one of  the latest Fedora kernels.  What I've
found is:

   kernel-2.6.11-1.14_FC3 and earlier work fine

   kernel-2.6.11-1.27_FC3 and kernel-2.6.11-1.35_FC3 fail!

The problem is with netfilter not with bridging.  With iptables
shutdown the bridge works fine but even with very simple iptables
rules any network connections to/from or through the bridge fail.

(Fedora kernels are patched so it's difficult to say which standard
kernel version they correspond to but it looks like some new kernel
patch has caused or will cause problems with bridge-nf).

I know it's fedora core 3...but it may be connected.
It's not great detail but indicates a trend that seems to fit the
evidence that we have. No network connectivity...ESTABLISHED or RELATED
reply packets not getting out/in?

These kernels are relatively recent for 3 as I have a fc3 workstation at
work and those revisions ring a bell. I'll check back with you after I
find out at work. The last fc3 working xen environment I had working was
before those revisions...hmmmm.

Any help?


Xen-users mailing list