WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

RE: [Xen-users] Xen Windows Clients - BSOD withApplicationFirewallInstal

To: <xensource.2007@xxxxxxxxxxxxxxxxx>, <xen-users@xxxxxxxxxxxxxxxxxxx>
Subject: RE: [Xen-users] Xen Windows Clients - BSOD withApplicationFirewallInstalls
From: "James Harper" <james.harper@xxxxxxxxxxxxxxxx>
Date: Tue, 25 Mar 2008 19:55:04 +1100
Delivery-date: Tue, 25 Mar 2008 01:55:40 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <006f01c88e4a$d07742a0$0602000a@skywalker>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <AEC6C66638C05B468B556EA548C1A77D013DC0FF@trantor> <006f01c88e4a$d07742a0$0602000a@skywalker>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
Thread-index: AciL8Owgm7CCoA16STi3udtm2+hbZgBeTWIgAApEtBAALdt0gAACfcMw
Thread-topic: [Xen-users] Xen Windows Clients - BSOD withApplicationFirewallInstalls
I think you'll need to figure out what interface is launching these
packets onto your network, but in the meantime just turn of gso on all
interfaces attached to the bridge - do a 'brctl show' to get a list of
them.

If you are still getting BSoD's after doing that, do a tcpdump on the
tapX device belonging to your windows HVM domain, and see if a large
packet coincides with your BSoD. If it doesn't, then I've probably lead
you down the wrong path.

It might be easiest to do that second step first:
. brctl show
. create your domain in a paused state
. brctl show
. start a tcpdump on your tapX interface (eg the one that wasn't there
in the first brctl show but is in the second). If this is your only hvm
domain then you can skip this and just assume tap0

The syntax you want for your tcpdump is probably something like 'tcpdump
-i tapX greater 1500', which should be fired whenever a packet is >1500
bytes.

James

> -----Original Message-----
> From: DoNotReply [mailto:DoNotReply@xxxxxxxxxxxxxxxxx] On Behalf Of
> xensource.2007@xxxxxxxxxxxxxxxxx
> Sent: Tuesday, 25 March 2008 18:36
> To: James Harper; xensource.2007@xxxxxxxxxxxxxxxxx; xen-
> users@xxxxxxxxxxxxxxxxxxx
> Subject: RE: [Xen-users] Xen Windows Clients - BSOD
> withApplicationFirewallInstalls
> 
> Thanks James
> But it makes no dif. Am I applying it to the correct interface
(xenbr1)?
> 
> 
> -----Original Message-----
> From: xen-users-bounces@xxxxxxxxxxxxxxxxxxx [mailto:xen-users-
> bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of James Harper
> Sent: Monday, 24 March 2008 6:49 PM
> To: xensource.2007@xxxxxxxxxxxxxxxxx; Rudi Ahlers; xen-
> users@xxxxxxxxxxxxxxxxxxx
> Subject: RE: [Xen-users] Xen Windows Clients - BSOD
> withApplicationFirewallInstalls
> 
> 
> > 6) At firewall startup, BSOD
> > 7) Subsequent restarts result in BSOD as previously stated.
> 
> Xen appears to be sending 'large' packets onto the bridge, and the tap
> interface isn't 'un-large-ing' them.
> 
> "
> 20:40:34.437312 IP (tos 0x0, ttl 128, id 34470, offset 0, flags [DF],
> proto: TCP (6), length: 52) 192.168.207.200.5001 >
> 192.168.207.254.53981: ., cksum 0x05aa (correct), 1:1(0) ack 14505 win
> 58295 <nop,nop,timestamp 57828874 1445680997> 20:40:34.437324
> IP (tos 0x0, ttl  64, id 51510, offset 0, flags [DF],
> proto: TCP (6), length: 4396) 192.168.207.254.53981 >
> 192.168.207.200.5001: . 23193:27537(4344) ack 1 win 46
<nop,nop,timestamp
> 1445680998 57828874> 20:40:34.439653 IP (tos 0x0, ttl 128,
> id 34471, offset 0, flags [DF],
> proto: TCP (6), length: 64) 192.168.207.200.5001 >
> 192.168.207.254.53981: ., cksum 0x2a79 (correct), 1:1(0) ack 15953 win
> 56847 <nop,nop,timestamp 57828874 1445680997,nop,nop,sack 1
> {17401:18849}> 20:40:34.439670 IP (tos 0x0, ttl  64, id 51513, offset
0,
> flags [DF],
> proto: TCP (6), length: 4396) 192.168.207.254.53981 >
> 192.168.207.200.5001: . 27537:31881(4344) ack 1 win 46
<nop,nop,timestamp
> 1445680999 57828874> "
> 
> Note the lengh of 4396 - the hardware interface is supposed to break
that
> up into MSS sized chunks, but there is no hardware
> interface involved in this case.
> 
> I'm trying to resolve the problem in the GPL PV drivers.
> 
> I've had wireshark (npf.sys) BSOD when it receives a packet with a
size
> greater than MTU, so I imagine a firewall may well do the
> same thing.
> 
> Try turning off large send offload for all interfaces on the bridge
(the
> same bridge as your crashing DomU), eg:
> 
> "
> ethtool -K <ifname> gso off
> "
> 
> Iperf gives horrible results too when DomU is the 'server' and Dom0 is
the
> 'client' because of this.
> 
> James
> 
> 
> _______________________________________________
> Xen-users mailing list
> Xen-users@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-users
> 
> No virus found in this incoming message.
> Checked by AVG.
> Version: 7.5.519 / Virus Database: 269.22.0/1341 - Release Date:
> 24/03/2008 3:03 PM
> 
> No virus found in this outgoing message.
> Checked by AVG.
> Version: 7.5.519 / Virus Database: 269.22.0/1341 - Release Date:
> 24/03/2008 3:03 PM
> 
> 


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users