Bug 196571 - network aliases inaccessable outside local subnet
network aliases inaccessable outside local subnet
Product: Fedora
Classification: Fedora
Component: xen (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Xen Maintainance List
Martin Jenner
Depends On:
  Show dependency treegraph
Reported: 2006-06-24 20:20 EDT by Rick Johnson
Modified: 2008-02-26 18:12 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2008-02-26 18:12:37 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Rick Johnson 2006-06-24 20:20:17 EDT
Description of problem:
Aliases on domU domains (i.e. eth0:1) inaccessible outside of local subnet

Version-Release number of selected component (if applicable):
xen-3.0.2-3.FC5 w/ kernel-xenU-2.6.17-1.2139_FC5  (also reproducable in 1-2
earlier versions), child domain running RHEL4 codebase, but booted vi xend with
kernel-xenU kernel mentioned above (/lib/modules/`uname -r` copied to RHEL4 tree).

How reproducible:

Steps to Reproduce:
1. Create xen domain, configure domain to have eth0 interface and eth0:1 alias.
Ensure domain is running a webserver or equivelant generic service. 
2. Attempt access to domain via alias interface from local subnet.
3. Attempt access to domain via alias interface from non-local subnet.

Actual results:
Connectivity from local subnet on aliased eth0:1 works fine. Connectivity from
outside subnet on aliased eth0:1 broken. Connectivity to base interface eth0

Expected results:
Connectivity on either interface should work.

Additional info:
Running ifdown eth0:1, then ifup eth0:1 restores connectivity remotely. Running
a packet capture on eth0 while broken shows the SYN packets coming in from the
remote subnet, however, packets are not ack'd by the local system.
Comment 1 Red Hat Bugzilla 2007-07-24 19:56:06 EDT
change QA contact
Comment 2 Chris Lalancette 2008-02-26 18:12:37 EST
This report targets FC5, which is now end-of-life.

Please re-test against Fedora 7 or later, and if the issue persists, open a new bug.


Note You need to log in before you can comment on or make changes to this bug.