Bug 186207
Summary: | SSH fails to complete with xen guest | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Deon George <dizzy> |
Component: | xen | Assignee: | Daniel Veillard <veillard> |
Status: | CLOSED UPSTREAM | QA Contact: | Brian Brock <bbrock> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 5 | CC: | katzj, xen-maint |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2006-11-20 15:15:28 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 179599 |
Description
Deon George
2006-03-22 08:58:57 UTC
Just tried it, it works for me in a slightly different configuration. It seems to be a problem with the ADSL router blocking TCP from the guest. Try to check the MTU size used on the interfaces. Also confirm that both the xen0 and the xenU are running pristine FC5 installations, because that works for me. But if ssh out to local network works, but not over the ADSL, I would suspect IP trouble with the router, again check the MTUs. Daniel Hmm.. OK, this box was a cleaned FC5Test3 install - which I yum updated to FC5 when it was released. Remember, ssh from xen-guest to xen-host works fine. SSH from xen-guest to another host, whether that host is on the internet, or via a VPN tunnel stops. I too, thought of MTU - its all defaults (1500), but I did drop it down to 1400 without success. The TCP trace that I performed didnt suggest a MTU size problem (i would have thought i'd get "need fragement" (or whatever the icmp is)... My ADSL router is in BRIDGE mode - so it is transparent here - Linux owns the internet connection with PPPoE - so I dont believe the ADSL router will have any inclusion here. Also remember I can SSH without any problems from the xen-host and other systems on the network - just NOT from xen-guests. I've just realised that the xen guest is running the FC5Test3 kernel, so I'll change that and see how it goes. (I had this problem when it was all FC5Test3)... Just so I know we did the same thing - were you able to ssh to user.net from your xen guest - and you got a login/password prompt? yes $ ssh xen-fc5 -l root Last login: Thu Mar 23 00:27:13 2006 from 10.0.0.11 [root@xen-fc5 ~]# ssh user.net The authenticity of host 'shell.sf.net (66.35.250.208)' can't be established. DSA key fingerprint is 4c:68:03:d4:5c:58:a6:1d:9d:17:13:24:14:48:ba:99. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'shell.sf.net,66.35.250.208' (DSA) to the list of known hosts. user.net's password: Works for me... please try to reinstall the guess using the FC5 released environment, it does work for me. What happen if your guest is running in another machine than the one driving the PPPoE connection ? Daniel Hey Daniel - I'm stumped. Finally got xenguest-install.py to install a guest. In the guest SSH works successfully to local ethernet devices (both to and from works fine), however it does not work across the PPPoE link on the xen host to "non local" SSH hosts. (I have tried to shell.sf.net as well as through IPSEC tunnels that use that link - both fail at the same spot. IE: I have network connectivity, but something stalls the SSH connection.) I can successfully connect to SSH hosts via other servers that use the same PPPoE link as the xen host (IE: I route through that host). So the problem has to be going from xenguest -> xenhost -> pppoe Have you got any ideas? Why does it work for other physical hosts, but not for xen guests? I've just noticed and can confirm that everytime I SSH to a host via the PPPoE link on the xenhost, that the xen guest reports the following in syslog: kernel: Received packet is 10 bytes before head. I think this is related - googling around doesnt show a workaround for this... Got any ideas? Please confirm this has been resolved with newer releases. This is not a problem with FC6. Using ssh from a xen guest, to a host via a PPPoE link (where the PPPoE link is on the xen host) works fine. Thanks ... closing. |