# XEN domU w. kernel 2.6.39+ can only access internal network

## ronino

I am trying to upgrade the kernel on my domU's to 3.2.1, currently they are running 2.6.38. The dom0 already runs with 3.2.1, everything is fine with that. But when I boot the domU's with any kernel greater than 2.6.38 (e.g. 3.2.1), they can only access the internal network, but not the internet (or at least reliably).

Pinging an external IP with the new kernel tells me "Destination Host Unreachable" (though sometimes the first pings work), internal IP's work fine.

Disabling iptables doesn't change anything.

2.6.38 domU kernel config:

```
$ grep XEN .config

CONFIG_XEN=y

# CONFIG_XEN_PRIVILEGED_GUEST is not set

CONFIG_XEN_PVHVM=y

CONFIG_XEN_MAX_DOMAIN_MEMORY=128

CONFIG_XEN_SAVE_RESTORE=y

# CONFIG_XEN_DEBUG_FS is not set

CONFIG_XEN_BLKDEV_FRONTEND=y

CONFIG_XEN_NETDEV_FRONTEND=y

CONFIG_XEN_KBDDEV_FRONTEND=y

CONFIG_HVC_XEN=y

CONFIG_XEN_FBDEV_FRONTEND=y

CONFIG_XEN_BALLOON=y

CONFIG_XEN_SCRUB_PAGES=y

CONFIG_XEN_DEV_EVTCHN=y

CONFIG_XENFS=y

CONFIG_XEN_COMPAT_XENFS=y

CONFIG_XEN_SYS_HYPERVISOR=y

CONFIG_XEN_XENBUS_FRONTEND=y

# CONFIG_XEN_GNTDEV is not set
```

3.2.1 domU kernel config:

```
$ grep XEN .config

CONFIG_XEN=y

# CONFIG_XEN_PRIVILEGED_GUEST is not set

CONFIG_XEN_MAX_DOMAIN_MEMORY=128

CONFIG_XEN_SAVE_RESTORE=y

# CONFIG_XEN_DEBUG_FS is not set

CONFIG_XEN_BLKDEV_FRONTEND=y

CONFIG_XEN_NETDEV_FRONTEND=y

CONFIG_INPUT_XEN_KBDDEV_FRONTEND=y

CONFIG_HVC_XEN=y

# CONFIG_XEN_WDT is not set

CONFIG_XEN_FBDEV_FRONTEND=y

CONFIG_XEN_BALLOON=y

CONFIG_XEN_SCRUB_PAGES=y

CONFIG_XEN_DEV_EVTCHN=y

CONFIG_XENFS=y

CONFIG_XEN_COMPAT_XENFS=y

CONFIG_XEN_SYS_HYPERVISOR=y

CONFIG_XEN_XENBUS_FRONTEND=y

CONFIG_XEN_GNTDEV=m

CONFIG_XEN_GRANT_DEV_ALLOC=m
```

3.2.1 dom0 kernel config:

```
$ grep XEN .config

CONFIG_XEN=y

CONFIG_XEN_DOM0=y

CONFIG_XEN_PRIVILEGED_GUEST=y

CONFIG_XEN_PVHVM=y

CONFIG_XEN_MAX_DOMAIN_MEMORY=128

CONFIG_XEN_SAVE_RESTORE=y

# CONFIG_XEN_DEBUG_FS is not set

CONFIG_PCI_XEN=y

CONFIG_XEN_PCIDEV_FRONTEND=y

CONFIG_XEN_BLKDEV_FRONTEND=y

CONFIG_XEN_BLKDEV_BACKEND=y

# CONFIG_NETXEN_NIC is not set

# CONFIG_XEN_NETDEV_FRONTEND is not set

CONFIG_XEN_NETDEV_BACKEND=y

CONFIG_INPUT_XEN_KBDDEV_FRONTEND=y

CONFIG_HVC_XEN=y

# CONFIG_XEN_WDT is not set

CONFIG_XEN_FBDEV_FRONTEND=y

CONFIG_XEN_BALLOON=y

CONFIG_XEN_SCRUB_PAGES=y

CONFIG_XEN_DEV_EVTCHN=y

CONFIG_XEN_BACKEND=y

CONFIG_XENFS=y

CONFIG_XEN_COMPAT_XENFS=y

CONFIG_XEN_SYS_HYPERVISOR=y

CONFIG_XEN_XENBUS_FRONTEND=y

CONFIG_XEN_GNTDEV=m

CONFIG_XEN_GRANT_DEV_ALLOC=m

CONFIG_SWIOTLB_XEN=y

CONFIG_XEN_PCIDEV_BACKEND=m
```

I am running xen and xen-tools 4.1.2.

Any idea what I am missing?

----------

## SharkWipf

Did you ever fix this?

I am having the same problem, but with KVM and any guest kernel greater than 2.6.38. I don't want to force our customers to use our kernelimage, but with this bug we are forced to.

EDIT: I fixed it on my end, finally. I have described how at my own question on Serverfault.Last edited by SharkWipf on Fri Jul 13, 2012 12:06 pm; edited 1 time in total

----------

## ronino

 *SharkWipf wrote:*   

> Did you ever fix this?

 

Unfortunately not yet. I suppose that I need to create the bridge myself, but so far I couldn't find out how to do this. So my domU's are still running on 2.6.38...

----------

## SharkWipf

 *ronino wrote:*   

>  *SharkWipf wrote:*   Did you ever fix this? 
> 
> Unfortunately not yet. I suppose that I need to create the bridge myself, but so far I couldn't find out how to do this. So my domU's are still running on 2.6.38...

 

Wow, nice timing. I *just* updated my post above with an answer. I hope it can solve your problem too.

----------

## ronino

 *SharkWipf wrote:*   

> *just* updated my post above with an answer. I hope it can solve your problem too.

 

Just one and a half year later ;-) I was required to install a 2.6.39+ kernel and could fix the problem with your solution. Thank you so much!

----------

