[CentOS-virt] KVM integrated network (user mode) dying after inactivity

Thu Jun 5 13:10:01 UTC 2014
Timo Schöler <timo at riscworks.net>

On 06/05/2014 12:37 PM, thus George Dunlap spake:
> On Wed, Jun 4, 2014 at 7:40 PM, Timo Schöler <timo at riscworks.net> 
> wrote:
>> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
>> Hi list,
>> I searched the web for bug reports regarding this phenomenon I 
>> see on *multiple* machines of a customer, however, I didn't find
>>  an exact fit. So, I'd like to ask here whether anyone else has 
>> run into this.
>> I have multiple CentOS 6 machines running using KVM to virtualize
>> a bunch of machines on them (LVM-based).
>> Software releases as following:
>> [root at fe00 ~]# rpm -qa|egrep '(virt|kvm)' 
>> virt-viewer-0.5.6-8.el6_5.3.x86_64 
>> libvirt-python-0.10.2-29.el6_5.7.x86_64 
>> libvirt-client-0.10.2-29.el6_5.7.x86_64 
>> qemu-kvm- 
>> libvirt-0.10.2-29.el6_5.7.x86_64 
>> python-virtinst-0.600.0-18.el6.noarch
>> [root at fe00 ~]# uname -r 2.6.32-431.17.1.el6.x86_64
>> The VMs (here: two) have the "default" connection provided by
>> KVM (heading to the internet) as well as a bridged interface to 
>> connect to a high performance backbone, where sensitive data is 
>> kept and bandwidth is an issue (or better, not :), on a second 
>> interface within the VMs:
>> [root at fe00 ~]# brctl show bridge name     bridge id STP enabled 
>> interfaces br1             8000.001b21xxxxxx yes
>> eth1 vnet1 vnet3 virbr0 8000.525400xxxxxx       yes virbr0-nic
>> vnet0 vnet2
>> br1 is the interface connected to the backbone, virbr0 KVM's user
>> mode network.
>> After some time of inactivity on the virbr0 interface, from 
>> *within* the VMs connection is *lost*. The interface(s) lose 
>> their IP; running dhclient(8) is not of any use.
>> To get the machine back onto track, ``service libvirtd restart''
>>  has to be issued: Vanished iptables rules show up again. (This,
>>  in contrast to an Ubuntu document [0], fixes it without shutting
>>  the VM(s) down.) Starting dhclient(8) within the VMs gets 
>> connectivity back.
> Have you verified that the iptables rules disappear?  That is: * 
> Initially, the NAT rule is present * After inactivity, the NAT rule
> disappears * After restarting libvirtd, the NAT rule re-appears?
> -George


yes, it's exactly that way it happens.