[ovirt-users] R: R: R: R: PXE boot of a VM on vdsm don't read DHCP offer

NUNIN Roberto Roberto.Nunin at comifar.it
Fri Jul 3 14:37:57 UTC 2015 

Thanks for answering, my considerations below.

BR,



Roberto


> -----Messaggio originale-----
> Da: Fabian Deutsch [mailto:fdeutsch at redhat.com]
> Inviato: venerdì 3 luglio 2015 12:33
> A: NUNIN Roberto
> Cc: Dan Kenigsberg; users at ovirt.org
> Oggetto: Re: [ovirt-users] R: R: R: PXE boot of a VM on vdsm don't read
> DHCP offer
>
> ----- Original Message -----
> > Hi Dan, guys
> >
> > Sorry for very late follow-up, but we had a lot of other topics to fix just
> > before to go back on this one.
> >
> > We have tried another approach just to check if the kernel of the vdsm iso
> > image used to install the host could create the problem I've reported to the
> > list.
> >
> > Now we have reinstalled the same hardware with latest CentOS 7.1, fully
> > updated.
> > Installed vdsm, then joined the oVirt cluster.
> >
> > Well, we are observing the same behavior as before.
> > No DHCP offer is reaching the booting VM, and:
> >
> > brctl showmacs <bridge_if> show us the booting vm mac-address
> > tcpdump -I <bridge_if> show us the dhcp offer coming from dhcp server.
> >
> > We have also tried to remove ANY firewall rule.
> >
> > It isn't a PXE issue (gPXE 0.9.7) but only a DHCP process issue. Infact, if
> > we install a vm manually and assign a static IP, it works fine.
> > If we switch to dhcp, the vm don't get the dynamic one.
> > In this case, tcpdump on vm shows only the DHCP discovery, not the DHCP
> > offer.
> >
> > Any further suggestion/hint ?
>
> I've observed this behavior in bug
> https://bugzilla.redhat.com/show_bug.cgi?id=1230638
> We also removed all firewall rules, checked iPXE and I also saw the requests
> going out, but no replies getting to the VM.
> But here it sounds like it isn't specific to bonds.
> After all I did not find the solution yet.

In our config, I can see the DHCP offer until the hypervisor bridge interface toward vm

>
> It is probably a good idea to install the oS with a static IP, and then
> switch to dhcp to then use tcpdump inside the vm to see what is reaching
> the inside.

Already done. Vm do not acquire the IP address and, on the vm side, tcpdump shows only requests.
At the same time, the DHCP offer s detected on the bridge if of the hypervisor.

With static IP, vm works fine.

>
> - fabian
>
> >
> > RN
> >
> > > -----Messaggio originale-----
> > > Da: Dan Kenigsberg [mailto:danken at redhat.com]
> > > Inviato: lunedì 18 maggio 2015 16:14
> > > A: NUNIN Roberto
> > > Cc: users at ovirt.org; ibarkan at redhat.com
> > > Oggetto: Re: R: [ovirt-users] R: PXE boot of a VM on vdsm don't read
> DHCP
> > > offer
> > >
> > > On Fri, May 08, 2015 at 03:11:25PM +0200, NUNIN Roberto wrote:
> > > > Hi Dan
> > > > Thanks for answering
> > > >
> > > >
> > > >
> > > > > Which kernel does the el7 host run? I think that Ido has seen a case
> > > > > where `brctl showmacs` was not populated with the VM mac, despite
> a
> > > > > packet coming out of it.
> > > >
> > > > Kernel is: 3.10.0-123.20.1.el7.x86_64, package is vdsm only. Brctl isn't
> > > available within vdsm only package.
> > >
> > > Could you try upgrading to a more up-to-date
> > > http://mirror.centos.org/centos-
> > > 7/7.1.1503/updates/x86_64/Packages/kernel-3.10.0-
> > > 229.4.2.el7.x86_64.rpm
> > > ?
> > >
> > > bridge-utils is a vdsm dependency. It must exist on your host. Please
> > > see if the mac of the vNIC shows up on `brctl showmacs` as it should.
> > >
> > > > >
> > > > > Can you tcpdump and check whether the bridge propogated the DHCP
> > > offer
> > > > > to the tap device of the said VM? Does the packet generated by
> > > > > `ether-wake MAC-of-VM` reach the tap device?
> > > >
> > > > Yes: host "see" the broadcast :
> > > >         0.000000    0.0.0.0               255.255.255.255       DHCP
> > > >         346    DHCP
> > > Discover - Transaction ID 0x69267b67
> > > > It came from the right MAC:
> > > >         Source: Qumranet_15:81:03 (00:1a:4a:15:81:03)
> > > > And it is tagged correctly:
> > > >         802.1Q Virtual LAN, PRI: 0, CFI: 0, ID: 3500
> > > >
> > > > This is the offer, on the bond interface:
> > > >         1.012355    10.155.124.2          10.155.124.246        DHCP
> > > >         346    DHCP
> > > Offer    - Transaction ID 0x69267b67
> > > > Layer 2 info:
> > > >         Ethernet II, Src: Cisco_56:83:c3 (84:78:ac:56:83:c3), Dst:
> > > Qumranet_15:81:03 (00:1a:4a:15:81:03)
> > > > Tagging on the bond:
> > > >         802.1Q Virtual LAN, PRI: 0, CFI: 0, ID: 3500
> > > >
> > > > The tag is correctly removed when DHCP offer is forwarded over the
> > > bond.3500.
> > > > Here's the offer content, seems everything right:
> > > >
> > > >     Client IP address: 0.0.0.0 (0.0.0.0)
> > > >     Your (client) IP address: 10.155.124.246 (10.155.124.246)
> > > >     Next server IP address: 10.155.124.223 (10.155.124.223)
> > > >     Relay agent IP address: 10.155.124.2 (10.155.124.2)
> > > >     Client MAC address: Qumranet_15:81:03 (00:1a:4a:15:81:03)
> > > >     Client hardware address padding: 00000000000000000000
> > > >     Server host name: 10.155.124.223
> > > >     Boot file name: pxelinux.0
> > > >     Magic cookie: DHCP
> > > >
> > > > Nothing of this offer appear on the VM side.
> > >
> > > But does it show on the host's bridge? on the tap device?
> > >
> > > >
> > > > ether-wake -i bond0.3500 00:1a:4a:15:81:03 (started from the host)
> > > > reach the VM eth0 interface:
> > > >         2.002028   HewlettP_4a:47:b0     Qumranet_15:81:03     WOL
> > > >         116
> > > MagicPacket for Qumranet_15:81:03 (00:1a:4a:15:81:03)
> > > >
> > > > Really strange behavior.
> > > >
> > > > Roberto
> >
> > Questo messaggio e' indirizzato esclusivamente al destinatario indicato e
> > potrebbe contenere informazioni confidenziali, riservate o proprietarie.
> > Qualora la presente venisse ricevuta per errore, si prega di segnalarlo
> > immediatamente al mittente, cancellando l'originale e ogni sua copia e
> > distruggendo eventuali copie cartacee. Ogni altro uso e' strettamente
> > proibito e potrebbe essere fonte di violazione di legge.
> >
> > This message is for the designated recipient only and may contain
> privileged,
> > proprietary, or otherwise private information. If you have received it in
> > error, please notify the sender immediately, deleting the original and all
> > copies and destroying any hard copies. Any other use is strictly prohibited
> > and may be unlawful.
> > _______________________________________________
> > Users mailing list
> > Users at ovirt.org
> > http://lists.ovirt.org/mailman/listinfo/users
> >

Questo messaggio e' indirizzato esclusivamente al destinatario indicato e potrebbe contenere informazioni confidenziali, riservate o proprietarie. Qualora la presente venisse ricevuta per errore, si prega di segnalarlo immediatamente al mittente, cancellando l'originale e ogni sua copia e distruggendo eventuali copie cartacee. Ogni altro uso e' strettamente proibito e potrebbe essere fonte di violazione di legge.

This message is for the designated recipient only and may contain privileged, proprietary, or otherwise private information. If you have received it in error, please notify the sender immediately, deleting the original and all copies and destroying any hard copies. Any other use is strictly prohibited and may be unlawful.

More information about the Users mailing list