[CentOS] Not firewall, but what?

Fri May 7 13:44:39 UTC 2010
Jussi Hirvi <listmember at greenspot.fi>

Ok, I have now ssh account with which I can reproduce the errors. The 
error is now narrowed down to inside the box: tcpdump shows that data is 
coming in, but nothing is leaving.

The box is a xen system with 2 if-cards which are shared with xen 
guests. The error is connected to eth0 (not eth1) and affects both the 
host and one guest system. However, guest4, which uses eth0 only, works 
quite ok!

Here is a list of the host and guest, their if cards, and errors:

xen host: eth0 (produces the error with some clients)
            ...and eth1 (default gateway; works ok)
guest2: eth1 (ok)
guest3: eth1 (ok)
guest4:   eth0 (ok)
guest5: eth0 (errors), eth1 (ok)

Below is some more data. I would still need ideas about what to test.

Again I made sure that the firewall (iptables) does not cause the error. 
Not tcpwrapper either: /etc/hosts.allow and /etc/hosts.deny are both empty.

- Jussi


Physical if cards:

Intel Corporation 82567LM-3 Gigabit Network Connection
(eth0; on motherboard)

Realtek Semiconductor Co., Ltd. RTL-8139/8139C/8139C+
(eth1; very old card)

ifconfig output:

eth0      Link encap:Ethernet  HWaddr 00:1C:C0:D7:A6:5B
           inet addr:62.236.221.67  Bcast:62.236.221.79 
Mask:255.255.255.240
           inet6 addr: fe80::21c:c0ff:fed7:a65b/64 Scope:Link
           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
           RX packets:1470 errors:0 dropped:0 overruns:0 frame:0
           TX packets:37 errors:0 dropped:0 overruns:0 carrier:0
           collisions:0 txqueuelen:0
           RX bytes:121445 (118.5 KiB)  TX bytes:7584 (7.4 KiB)

eth1      Link encap:Ethernet  HWaddr 00:02:44:97:95:50
           inet addr:62.220.237.104  Bcast:62.220.237.127 
Mask:255.255.255.224
           inet6 addr: fe80::202:44ff:fe97:9550/64 Scope:Link
           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
           RX packets:22601 errors:0 dropped:0 overruns:0 frame:0
           TX packets:3371 errors:0 dropped:0 overruns:0 carrier:0
           collisions:0 txqueuelen:0
           RX bytes:1644700 (1.5 MiB)  TX bytes:598979 (584.9 KiB)

lo        Link encap:Local Loopback
           inet addr:127.0.0.1  Mask:255.0.0.0
           inet6 addr: ::1/128 Scope:Host
           UP LOOPBACK RUNNING  MTU:16436  Metric:1
           RX packets:168 errors:0 dropped:0 overruns:0 frame:0
           TX packets:168 errors:0 dropped:0 overruns:0 carrier:0
           collisions:0 txqueuelen:0
           RX bytes:11574 (11.3 KiB)  TX bytes:11574 (11.3 KiB)

peth0     Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
           inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
           UP BROADCAST RUNNING NOARP  MTU:1500  Metric:1
           RX packets:49343 errors:0 dropped:0 overruns:0 frame:0
           TX packets:35975 errors:0 dropped:0 overruns:0 carrier:0
           collisions:0 txqueuelen:100
           RX bytes:5661018 (5.3 MiB)  TX bytes:5200943 (4.9 MiB)
           Memory:d0600000-d0620000

peth1     Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
           inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
           UP BROADCAST RUNNING NOARP  MTU:1500  Metric:1
           RX packets:115801 errors:0 dropped:0 overruns:0 frame:0
           TX packets:125786 errors:0 dropped:0 overruns:0 carrier:0
           collisions:0 txqueuelen:1000
           RX bytes:23407678 (22.3 MiB)  TX bytes:83301169 (79.4 MiB)
           Interrupt:19 Base address:0xa100

vif0.0    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
           inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
           UP BROADCAST RUNNING NOARP  MTU:1500  Metric:1
           RX packets:37 errors:0 dropped:0 overruns:0 frame:0
           TX packets:1470 errors:0 dropped:0 overruns:0 carrier:0
           collisions:0 txqueuelen:0
           RX bytes:7584 (7.4 KiB)  TX bytes:121445 (118.5 KiB)

vif0.1    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
           inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
           UP BROADCAST RUNNING NOARP  MTU:1500  Metric:1
           RX packets:3391 errors:0 dropped:0 overruns:0 frame:0
           TX packets:22614 errors:0 dropped:0 overruns:0 carrier:0
           collisions:0 txqueuelen:0
           RX bytes:603387 (589.2 KiB)  TX bytes:1645558 (1.5 MiB)

vif2.0    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
           inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
           UP BROADCAST RUNNING NOARP  MTU:1500  Metric:1
           RX packets:5877 errors:0 dropped:0 overruns:0 frame:0
           TX packets:23727 errors:0 dropped:0 overruns:0 carrier:0
           collisions:0 txqueuelen:32
           RX bytes:379075 (370.1 KiB)  TX bytes:2115170 (2.0 MiB)

vif3.0    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
           inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
           UP BROADCAST RUNNING NOARP  MTU:1500  Metric:1
           RX packets:28011 errors:0 dropped:0 overruns:0 frame:0
           TX packets:50422 errors:0 dropped:22 overruns:0 carrier:0
           collisions:0 txqueuelen:32
           RX bytes:16503337 (15.7 MiB)  TX bytes:12688396 (12.1 MiB)

vif4.0    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
           inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
           UP BROADCAST RUNNING NOARP  MTU:1500  Metric:1
           RX packets:32753 errors:0 dropped:0 overruns:0 frame:0
           TX packets:34011 errors:0 dropped:0 overruns:0 carrier:0
           collisions:0 txqueuelen:32
           RX bytes:4416529 (4.2 MiB)  TX bytes:4253292 (4.0 MiB)

vif5.0    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
           inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
           UP BROADCAST RUNNING NOARP  MTU:1500  Metric:1
           RX packets:3302 errors:0 dropped:0 overruns:0 frame:0
           TX packets:16735 errors:0 dropped:0 overruns:0 carrier:0
           collisions:0 txqueuelen:32
           RX bytes:280451 (273.8 KiB)  TX bytes:1521618 (1.4 MiB)

vif5.1    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
           inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
           UP BROADCAST RUNNING NOARP  MTU:1500  Metric:1
           RX packets:59898 errors:0 dropped:0 overruns:0 frame:0
           TX packets:71340 errors:0 dropped:74 overruns:0 carrier:0
           collisions:0 txqueuelen:32
           RX bytes:62709103 (59.8 MiB)  TX bytes:10451893 (9.9 MiB)

virbr0    Link encap:Ethernet  HWaddr 00:00:00:00:00:00
           inet addr:192.168.122.1  Bcast:192.168.122.255 
Mask:255.255.255.0
           inet6 addr: fe80::200:ff:fe00:0/64 Scope:Link
           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
           RX packets:0 errors:0 dropped:0 overruns:0 frame:0
           TX packets:27 errors:0 dropped:0 overruns:0 carrier:0
           collisions:0 txqueuelen:0
           RX bytes:0 (0.0 b)  TX bytes:6484 (6.3 KiB)

xenbr0    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
           UP BROADCAST RUNNING NOARP  MTU:1500  Metric:1
           RX packets:1135 errors:0 dropped:0 overruns:0 frame:0
           TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
           collisions:0 txqueuelen:0
           RX bytes:82476 (80.5 KiB)  TX bytes:0 (0.0 b)

xenbr1    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
           UP BROADCAST RUNNING NOARP  MTU:1500  Metric:1
           RX packets:17410 errors:0 dropped:0 overruns:0 frame:0
           TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
           collisions:0 txqueuelen:0
           RX bytes:819653 (800.4 KiB)  TX bytes:0 (0.0 b)



-- 
Jussi Hirvi * Green Spot
Topeliuksenkatu 15 C * 00250 Helsinki * Finland
Tel. +358 9 493 981 * Mobile +358 40 771 2098 (only sms)
jussi.hirvi at greenspot.fi * http://www.greenspot.fi