Bug 177794

Summary: Networking conflicts between xend and iptables
Product: [Fedora] Fedora Reporter: Stephen Tweedie <sct>
Component: xenAssignee: Rik van Riel <riel>
Status: CLOSED RAWHIDE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: rawhideCC: katzj, notting, sct
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: xen-3.0-0.20060130.fc5.3 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-02-02 22:23:02 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 179599    

Description Stephen Tweedie 2006-01-14 05:21:58 UTC 
Description of problem:

Networking is unreliable (often failing entirely) after the xen service is
started if iptables are enabled.

Version-Release number of selected component (if applicable):
FC5test2:
  xen-3.0-0.20060110.fc5.2.i386.rpm
  iptables-1.3.4-2.1.i386.rpm

How reproducible:
100%

Steps to Reproduce:
1. Install FC5test2 with default firewall enabled
2. yum install kernel-xen-hypervisor
3. boot into hypervisor kernel
  
Actual results:
Networking stops working once the xen service starts during boot.  Services that
run prior to that see the network fine.

Expected results:
Networking should really keep working 

Additional info:
This is almost certainly due to Xen's extensive use of bridging.  When xend
starts up, part of the process involves moving the main (usually eth0) IF to a
new name (typically peth0), then setting up a bridge and a new virtual eth0
which inherits the IP settings of the old physical IF.  The way the iptables
rules are set up does not work under this environment.

Booting after "chkconfig iptables off" runs just fine.
Comment 1 Bill Nottingham 2006-02-02 22:23:02 UTC 
Fixed in xen-3.0-0.20060130.fc5.3.