Red Hat Bugzilla – Bug 1075543
Libvirt does not terminate when DHCP snooping is being used
Last modified: 2016-04-26 12:16:25 EDT
Description of problem: Version-Release number of selected component (if applicable): libvirt-daemon-1.1.1-23.el7.x86_64 How reproducible: Steps to Reproduce: 1. Start a VM that uses DHCP snooping containing the following domain XML fragment: <interface type='bridge'> <source bridge='br0'/> <model type='virtio'/> <filterref filter='clean-traffic'> <parameter name='CTRL_IP_LEARNING' value='dhcp'/> </filterref> </interface> 2. Try to terminate libvirtd using the following command for example: kill -SIGTERM $(pidof libvirtd) Actual results: Trying to terminate libvirtd does not work. Libvirtd has to be killed using 'SIGKILL'. Expected results: Libvirtd should terminate. Additional info: The patch resolving this issue has been pushed to the upstream repo: commit a718eb19e344f2d8f5e9042a290f9aaa8f651a78 Author: Stefan Berger <stefanb@linux.vnet.ibm.com> Date: Mon Mar 3 15:13:44 2014 -0500 nwfilter: Cap the poll timeout in the DHCP Snooping code Cap the poll timeout in the DHCP Snooping code to a max. of 10 seconds to not hold up the libvirt shutdown longer than this. Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Would it be possible to apply this patch to an upcoming version of the el7 libvirt?
Verified bug as below: [root@ibm-x3850x5-06 ~]# rpm -q libvirt libvirt-1.2.8-7.el7.x86_64 [root@ibm-x3850x5-06 ~]# [root@ibm-x3850x5-06 ~]# virsh dumpxml r7| grep /interface -B8 <interface type='network'> <mac address='02:54:00:36:c6:d0'/> <source network='default'/> <model type='virtio'/> <filterref filter='clean-traffic'> <parameter name='CTRL_IP_LEARNING' value='dhcp'/> </filterref> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/> </interface> [root@ibm-x3850x5-06 ~]# virsh start r7 Domain r7 started [root@ibm-x3850x5-06 ~]# service libvirtd status Redirecting to /bin/systemctl status libvirtd.service libvirtd.service - Virtualization daemon Loaded: loaded (/usr/lib/systemd/system/libvirtd.service; enabled) Active: active (running) since Mon 2014-11-24 17:58:23 CST; 29s ago Docs: man:libvirtd(8) http://libvirt.org Main PID: 14380 (libvirtd) CGroup: /system.slice/libvirtd.service ├─14144 /sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf --dhcp-script=/usr/libexe... ├─14145 /sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf --dhcp-script=/usr/libexe... └─14380 /usr/sbin/libvirtd Nov 24 17:58:30 ibm-x3850x5-06.qe.lab.eng.nay.redhat.com libvirtd[14380]: 2014-11-24 09:58:30.848+0000: 145...2 Nov 24 17:58:30 ibm-x3850x5-06.qe.lab.eng.nay.redhat.com libvirtd[14380]: 2014-11-24 09:58:30.848+0000: 145...3 Nov 24 17:58:30 ibm-x3850x5-06.qe.lab.eng.nay.redhat.com libvirtd[14380]: 2014-11-24 09:58:30.848+0000: 145...4 Nov 24 17:58:30 ibm-x3850x5-06.qe.lab.eng.nay.redhat.com libvirtd[14380]: 2014-11-24 09:58:30.848+0000: 145...5 Nov 24 17:58:30 ibm-x3850x5-06.qe.lab.eng.nay.redhat.com libvirtd[14380]: 2014-11-24 09:58:30.848+0000: 145...6 Nov 24 17:58:30 ibm-x3850x5-06.qe.lab.eng.nay.redhat.com libvirtd[14380]: 2014-11-24 09:58:30.848+0000: 145...7 Nov 24 17:58:30 ibm-x3850x5-06.qe.lab.eng.nay.redhat.com libvirtd[14380]: 2014-11-24 09:58:30.848+0000: 145...8 Nov 24 17:58:30 ibm-x3850x5-06.qe.lab.eng.nay.redhat.com libvirtd[14380]: 2014-11-24 09:58:30.848+0000: 145...9 Nov 24 17:58:30 ibm-x3850x5-06.qe.lab.eng.nay.redhat.com libvirtd[14380]: 2014-11-24 09:58:30.848+0000: 145...0 Nov 24 17:58:30 ibm-x3850x5-06.qe.lab.eng.nay.redhat.com libvirtd[14380]: 2014-11-24 09:58:30.848+0000: 145...1 Hint: Some lines were ellipsized, use -l to show in full. [root@ibm-x3850x5-06 ~]# kill -SIGTERM 14380 [root@ibm-x3850x5-06 ~]# service libvirtd status Redirecting to /bin/systemctl status libvirtd.service libvirtd.service - Virtualization daemon Loaded: loaded (/usr/lib/systemd/system/libvirtd.service; enabled) Active: inactive (dead) since Mon 2014-11-24 17:59:17 CST; 26s ago Docs: man:libvirtd(8) http://libvirt.org Process: 14380 ExecStart=/usr/sbin/libvirtd $LIBVIRTD_ARGS (code=exited, status=0/SUCCESS) Main PID: 14380 (code=exited, status=0/SUCCESS) Nov 24 17:58:30 ibm-x3850x5-06.qe.lab.eng.nay.redhat.com libvirtd[14380]: 2014-11-24 09:58:30.848+0000: 145...6 Nov 24 17:58:30 ibm-x3850x5-06.qe.lab.eng.nay.redhat.com libvirtd[14380]: 2014-11-24 09:58:30.848+0000: 145...7 Nov 24 17:58:30 ibm-x3850x5-06.qe.lab.eng.nay.redhat.com libvirtd[14380]: 2014-11-24 09:58:30.848+0000: 145...8 Nov 24 17:58:30 ibm-x3850x5-06.qe.lab.eng.nay.redhat.com libvirtd[14380]: 2014-11-24 09:58:30.848+0000: 145...9 Nov 24 17:58:30 ibm-x3850x5-06.qe.lab.eng.nay.redhat.com libvirtd[14380]: 2014-11-24 09:58:30.848+0000: 145...0 Nov 24 17:58:30 ibm-x3850x5-06.qe.lab.eng.nay.redhat.com libvirtd[14380]: 2014-11-24 09:58:30.848+0000: 145...1 Nov 24 17:59:06 ibm-x3850x5-06.qe.lab.eng.nay.redhat.com dnsmasq-dhcp[14144]: DHCPDISCOVER(virbr0) 02:54:00...0 Nov 24 17:59:06 ibm-x3850x5-06.qe.lab.eng.nay.redhat.com dnsmasq-dhcp[14144]: DHCPOFFER(virbr0) 192.168.122...0 Nov 24 17:59:06 ibm-x3850x5-06.qe.lab.eng.nay.redhat.com dnsmasq-dhcp[14144]: DHCPREQUEST(virbr0) 192.168.1...0 Nov 24 17:59:06 ibm-x3850x5-06.qe.lab.eng.nay.redhat.com dnsmasq-dhcp[14144]: DHCPACK(virbr0) 192.168.122.1...g Hint: Some lines were ellipsized, use -l to show in full. [root@ibm-x3850x5-06 ~]# Move to Verified.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHSA-2015-0323.html