Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
No http, rsync in Xen Dom0 / Ping works
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
Dorsai!
Apprentice
Apprentice


Joined: 27 Jul 2008
Posts: 280
Location: Bavaria

PostPosted: Sun Aug 22, 2010 2:42 pm    Post subject: No http, rsync in Xen Dom0 / Ping works Reply with quote

Hi,

I have a Xen Box I am playing around with once in a while. I am not updating it regularly (at least the dom0) and now I have run into a little problem.
Today I wanted to make an update, but emerge is not syncing. I get the rsync server message, but then it times out.
If I try to download something using wget I get the same result.
DNS and Pinging is working, I can ping "www.google.de" for example so I have no idea how to find out more.

Xen version is 3.4.2
Xen Kernel is 2.6.31-r11
Network Mode is the default setting (bridged if I remember right), so when the xen daemon goes up it renames eth0 to peth0 and bridges it to eth0 and my domU.

I know its a bit outdated, but It ran fine so far.

I have only one DomU running, and networking works fine for it.
The DomU is a Network Router, so I can't shut it down to test because I would kick myself out of the net this way.
Nothing else of importance is running on the Dom0.
Sorry I can't give further information, but I have no Idea what to post.

The great question I am asking myself is:
How can rsync, http and ftp time out when pinging the same hosts is working?
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 16016

PostPosted: Sun Aug 22, 2010 4:16 pm    Post subject: Reply with quote

What did you try to wget? My first suspect anytime someone reports this type of problem is MTU problems causing "large" packets to get dropped, so only transactions that fit in packets smaller than the MSS work. What is the network topology to get a packet from the Dom0 to an Internet host, such as 188.40.64.12 (an arbitrarily selected member of the rsync.de.gentoo.org rotation)? A traceroute to that host would be helpful, but we also need to know the types of any of the private devices in the path. For example, do you use a PPPoE connection anywhere? Are there any "home router" type devices in the path?
Back to top
View user's profile Send private message
Dorsai!
Apprentice
Apprentice


Joined: 27 Jul 2008
Posts: 280
Location: Bavaria

PostPosted: Sun Aug 22, 2010 5:36 pm    Post subject: Reply with quote

yes the domU is the pppoE router.

Code:
tracepath 188.40.64.12
 1:  gaia.home.net (192.168.0.2)                            0.335ms pmtu 1500
 1:  Hermes.home.net (192.168.0.1)                          0.588ms
 1:  Hermes.home.net (192.168.0.1)                          0.254ms
 2:  p4FF08BE6.dip0.t-ipconnect.de (79.240.139.230)         0.355ms pmtu 1492
 2:  no reply
 3:  no reply


192.168.0.2 is the dom0
192.168.0.1 is the domU, pppoE router, gateway and local DNS.

I dont know why I don't get farther than that, but I get the exact same from my desktop, from where everything works wonderfully:

Code:
tracepath 188.40.64.12
 1:  dorsai.home.net                                       0.056ms pmtu 1500
 1:  Hermes.home.net                                       0.645ms
 1:  Hermes.home.net                                       0.696ms
 2:  p4FF08BE6.dip0.t-ipconnect.de                         0.736ms pmtu 1492
 2:  no reply
 3:  no reply


I cant install net-analyzer/traceroute on the dom0 though because I have no rsync and no http.

Further information:
The Dom0 is exactly like all other clients at home with one difference: It is bridged to the same interface as the router. All other clients in the network have no problems getting all fancy protocols through to 192.168.0.1.
The local Network seems to work though because SSH from my desktop to the dom0 works perfectly.

I believe the problem must be somehow connected to the bridge that Xen installs.

PS: The timeout happens with all servers. I tried to wget files from my webspace, html pages, the google image... everything ends in a timeout.
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 16016

PostPosted: Sun Aug 22, 2010 6:24 pm    Post subject: Reply with quote

Dorsai! wrote:
I dont know why I don't get farther than that, but I get the exact same from my desktop, from where everything works wonderfully:
The incomplete trace is unfortunate, but not unexpected. A machine can be configured to refuse to answer tracing requests, without substantially interfering with its normal operations. Some system administrators do this, often as an unintentional side effect of other security changes that they intended to make.
Dorsai! wrote:
I cant install net-analyzer/traceroute on the dom0 though because I have no rsync and no http.
Since you can connect from the dom0 to the domU, why not have the domU download these things for you and then have the dom0 fetch them from it?
Dorsai! wrote:

The Dom0 is exactly like all other clients at home with one difference: It is bridged to the same interface as the router. All other clients in the network have no problems getting all fancy protocols through to 192.168.0.1.
The local Network seems to work though because SSH from my desktop to the dom0 works perfectly.

I believe the problem must be somehow connected to the bridge that Xen installs.
I suspect that bridging the traffic through to the outside world has caused the dom0 to bypass some necessary rewrite that the domU applies to all other systems. Could you post the output of iptables-save -c as run by the domU that serves as the pppoE router?
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum