Hi All,
Since I updated to 9.000-8 I've lost connectivity to some of my machines :confused:
I have 4 VM's running on 2 machines and they are went broke at the exact same time. I ruled out the switch, I have some zones on the same solaris machines and they still work fine.
IP Information
VM that is broken (static IPs)
The astaro box (abbreviated also)
The machine initiating the connection
What I did to colelct the following information
What I saw on the VM:
What I snooped on the interface on host that runs the VM:
What I dumped on the gateway:
So form what I can see the traffic flows from the box I test on over the gateway to the solaris host, into the vnic but nothing in the vm.
However... if I do a traceroute on IPv4, it works fine. So there is traffic flowing from the vnic into the vm :confused:
The only thing that changed the last few weeks were updates to the gateway.
I'm also wondering what ff02::1:ff00:76 is? the vm has no address by this name.
Edit: seems to be broadcast address of sorts, probably not important.
I find it really strange multiple zones on the same solaris hosts still work fine but these VM don't, no updates have been done to those boxes in the last months or so. I also tried rebooting them and rebooting the switch. No effect, i'm really puzzeled.
What is even more strange, after a reboot of the vm. IPv6 works... for like 5 minutes before it dies again.
[code]# snoop -d venergy1 -P
Using device venergy1 (non promiscuous)
fe80::230:18ff:fea3:5239 -> ff02::1 ICMPv6 Router advertisement
fe80::230:18ff:fea3:5239 -> ff02::1 ICMPv6 Router advertisement
fe80::230:18ff:fea3:5239 -> ff02::1 ICMPv6 Router advertisement
fe80::8:20ff:fe08:c873 -> ff02::1 ICMPv6 Neighbor advertisement
momentum.acheron.be -> ff02::1 ICMPv6 Neighbor advertisement
I'm now starting to doubt it is an astaro issue, but that is the only thing that changed between working and not working :/
Since I updated to 9.000-8 I've lost connectivity to some of my machines :confused:
I have 4 VM's running on 2 machines and they are went broke at the exact same time. I ruled out the switch, I have some zones on the same solaris machines and they still work fine.
IP Information
VM that is broken (static IPs)
Code:
[root@energy ~]# ip a
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 02:08:20:36:79:5a brd ff:ff:ff:ff:ff:ff
inet 172.16.30.76/24 brd 172.16.30.255 scope global eth0
inet6 2001:6f8:1480:30::76/64 scope global
valid_lft forever preferred_lft forever
inet6 fe80::8:20ff:fe36:795a/64 scope link
valid_lft forever preferred_lft foreverCode:
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:30:18:a3:52:39 brd ff:ff:ff:ff:ff:ff
inet6 fe80::230:18ff:fea3:5239/64 scope link
valid_lft forever preferred_lft forever
6: eth1.300@eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
link/ether 00:30:18:a3:52:39 brd ff:ff:ff:ff:ff:ff
inet 172.16.30.1/24 brd 172.16.30.255 scope global eth1.300
inet6 2001:6f8:1480:30::1/64 scope global
valid_lft forever preferred_lft forever
inet6 fe80::230:18ff:fea3:5239/64 scope link
valid_lft forever preferred_lft forever
7: eth1.150@eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
link/ether 00:30:18:a3:52:39 brd ff:ff:ff:ff:ff:ff
inet 172.16.15.1/24 brd 172.16.15.255 scope global eth1.150
inet6 2001:6f8:1480:15::1/64 scope global
valid_lft forever preferred_lft forever
inet6 fe80::230:18ff:fea3:5239/64 scope link
valid_lft forever preferred_lft foreverCode:
en1: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether e4:ce:8f:0a:db:a8
inet6 fe80::e6ce:8fff:fe0a:dba8%en1 prefixlen 64 scopeid 0x4
inet6 2001:6f8:1480:15:e6ce:8fff:fe0a:dba8 prefixlen 64 autoconf
inet6 2001:6f8:1480:15:a5c0:e69:53e1:c275 prefixlen 64 autoconf temporary
inet 172.16.15.150 netmask 0xffffff00 broadcast 172.16.15.255
media: autoselect
status: activeCode:
sjorge@Axion ~ $ traceroute6 2001:6f8:1480:30::76
traceroute6 to 2001:6f8:1480:30::76 (2001:6f8:1480:30::76) from 2001:6f8:1480:15:a5c0:e69:53e1:c275, 64 hops max, 12 byte packets
1 2001:6f8:1480:15::1 4.899 ms 2.043 ms 1.983 ms
2 2001:6f8:1480:15::1 3003.053 ms !A 3281.540 ms !A 3072.824 ms !ACode:
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
0 packets captured
0 packets received by filter
0 packets dropped by kernelCode:
# snoop -d venergy1 -P
Using device venergy1 (non promiscuous)
fe80::230:18ff:fea3:5239 -> ff02::1:ff00:76 ICMPv6 Neighbor solicitation
fe80::230:18ff:fea3:5239 -> ff02::1:ff00:76 ICMPv6 Neighbor solicitation
fe80::230:18ff:fea3:5239 -> ff02::1:ff00:76 ICMPv6 Neighbor solicitation
fe80::230:18ff:fea3:5239 -> ff02::1:ff00:76 ICMPv6 Neighbor solicitation
fe80::230:18ff:fea3:5239 -> ff02::1:ff00:76 ICMPv6 Neighbor solicitation
fe80::230:18ff:fea3:5239 -> ff02::1:ff00:76 ICMPv6 Neighbor solicitation
fe80::230:18ff:fea3:5239 -> ff02::1:ff00:76 ICMPv6 Neighbor solicitation
fe80::230:18ff:fea3:5239 -> ff02::1:ff00:76 ICMPv6 Neighbor solicitation
fe80::230:18ff:fea3:5239 -> ff02::1:ff00:76 ICMPv6 Neighbor solicitationCode:
inertia:/root # tcpdump -s0 -ieth1.300 -vvv 'ip6'
tcpdump: listening on eth1.300, link-type EN10MB (Ethernet), capture size 65535 bytes
10:13:36.233778 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 32) fe80::8:20ff:feaa:ea74 > fe80::230:18ff:fea3:5239: [icmp6 sum ok] ICMP6, neighbor solicitation, length 32, who has fe80::230:18ff:fea3:5239
source link-address option (1), length 8 (1): 02:08:20:aa:ea:74
0x0000: 0208 20aa ea74
10:13:36.233872 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 24) fe80::230:18ff:fea3:5239 > fe80::8:20ff:feaa:ea74: [icmp6 sum ok] ICMP6, neighbor advertisement, length 24, tgt is fe80::230:18ff:fea3:5239, Flags [router, solicited]
10:13:38.378264 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 32) fe80::230:18ff:fea3:5239 > ff02::1:ff00:76: [icmp6 sum ok] ICMP6, neighbor solicitation, length 32, who has 2001:6f8:1480:30::76
source link-address option (1), length 8 (1): 00:30:18:a3:52:39
0x0000: 0030 18a3 5239
10:13:39.377342 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 32) fe80::230:18ff:fea3:5239 > ff02::1:ff00:76: [icmp6 sum ok] ICMP6, neighbor solicitation, length 32, who has 2001:6f8:1480:30::76
source link-address option (1), length 8 (1): 00:30:18:a3:52:39
0x0000: 0030 18a3 5239
10:13:40.377337 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 32) fe80::230:18ff:fea3:5239 > ff02::1:ff00:76: [icmp6 sum ok] ICMP6, neighbor solicitation, length 32, who has 2001:6f8:1480:30::76
source link-address option (1), length 8 (1): 00:30:18:a3:52:39
0x0000: 0030 18a3 5239
10:13:41.237382 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 32) fe80::230:18ff:fea3:5239 > fe80::8:20ff:feaa:ea74: [icmp6 sum ok] ICMP6, neighbor solicitation, length 32, who has fe80::8:20ff:feaa:ea74
source link-address option (1), length 8 (1): 00:30:18:a3:52:39
0x0000: 0030 18a3 5239
10:13:41.237594 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 32) fe80::8:20ff:feaa:ea74 > fe80::230:18ff:fea3:5239: [icmp6 sum ok] ICMP6, neighbor advertisement, length 32, tgt is fe80::8:20ff:feaa:ea74, Flags [solicited, override]
destination link-address option (2), length 8 (1): 02:08:20:aa:ea:74
0x0000: 0208 20aa ea74
10:13:41.382946 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 32) fe80::230:18ff:fea3:5239 > ff02::1:ff00:76: [icmp6 sum ok] ICMP6, neighbor solicitation, length 32, who has 2001:6f8:1480:30::76
source link-address option (1), length 8 (1): 00:30:18:a3:52:39
0x0000: 0030 18a3 5239
10:13:42.381333 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 32) fe80::230:18ff:fea3:5239 > ff02::1:ff00:76: [icmp6 sum ok] ICMP6, neighbor solicitation, length 32, who has 2001:6f8:1480:30::76
source link-address option (1), length 8 (1): 00:30:18:a3:52:39
0x0000: 0030 18a3 5239
10:13:43.381350 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 32) fe80::230:18ff:fea3:5239 > ff02::1:ff00:76: [icmp6 sum ok] ICMP6, neighbor solicitation, length 32, who has 2001:6f8:1480:30::76
source link-address option (1), length 8 (1): 00:30:18:a3:52:39
0x0000: 0030 18a3 5239
10:13:44.664409 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 32) fe80::230:18ff:fea3:5239 > ff02::1:ff00:76: [icmp6 sum ok] ICMP6, neighbor solicitation, length 32, who has 2001:6f8:1480:30::76
source link-address option (1), length 8 (1): 00:30:18:a3:52:39
0x0000: 0030 18a3 5239
10:13:45.661340 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 32) fe80::230:18ff:fea3:5239 > ff02::1:ff00:76: [icmp6 sum ok] ICMP6, neighbor solicitation, length 32, who has 2001:6f8:1480:30::76
source link-address option (1), length 8 (1): 00:30:18:a3:52:39
0x0000: 0030 18a3 5239
10:13:46.661344 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 32) fe80::230:18ff:fea3:5239 > ff02::1:ff00:76: [icmp6 sum ok] ICMP6, neighbor solicitation, length 32, who has 2001:6f8:1480:30::76
source link-address option (1), length 8 (1): 00:30:18:a3:52:39
0x0000: 0030 18a3 5239
^C
13 packets captured
13 packets received by filter
0 packets dropped by kernelHowever... if I do a traceroute on IPv4, it works fine. So there is traffic flowing from the vnic into the vm :confused:
The only thing that changed the last few weeks were updates to the gateway.
I'm also wondering what ff02::1:ff00:76 is? the vm has no address by this name.
Edit: seems to be broadcast address of sorts, probably not important.
I find it really strange multiple zones on the same solaris hosts still work fine but these VM don't, no updates have been done to those boxes in the last months or so. I also tried rebooting them and rebooting the switch. No effect, i'm really puzzeled.
What is even more strange, after a reboot of the vm. IPv6 works... for like 5 minutes before it dies again.
[code]# snoop -d venergy1 -P
Using device venergy1 (non promiscuous)
fe80::230:18ff:fea3:5239 -> ff02::1 ICMPv6 Router advertisement
fe80::230:18ff:fea3:5239 -> ff02::1 ICMPv6 Router advertisement
fe80::230:18ff:fea3:5239 -> ff02::1 ICMPv6 Router advertisement
fe80::8:20ff:fe08:c873 -> ff02::1 ICMPv6 Neighbor advertisement
momentum.acheron.be -> ff02::1 ICMPv6 Neighbor advertisement
I'm now starting to doubt it is an astaro issue, but that is the only thing that changed between working and not working :/