Apart form anything else, multicast continues to be broken in many kernels.
https://bugzilla.redhat.com/show_bug.cgi?id=880035 Run: tcpdump -i virbr0 port zented in another window and everything will magically start working. On 16/06/2013, at 3:26 AM, Digimer <li...@alteeve.ca> wrote: > Ah, I think it's a problem with the firewall rules on the host. Not sure how > to fix it though... > > lemass:/home/digimer# iptables-save > # Generated by iptables-save v1.4.16.2 on Sat Jun 15 13:26:33 2013 > *nat > :PREROUTING ACCEPT [246583:89552160] > :INPUT ACCEPT [2335:362026] > :OUTPUT ACCEPT [11740:741351] > :POSTROUTING ACCEPT [11706:738225] > -A POSTROUTING -s 192.168.122.0/24 ! -d 192.168.122.0/24 -p tcp -j MASQUERADE > --to-ports 1024-65535 > -A POSTROUTING -s 192.168.122.0/24 ! -d 192.168.122.0/24 -p udp -j MASQUERADE > --to-ports 1024-65535 > -A POSTROUTING -s 192.168.122.0/24 ! -d 192.168.122.0/24 -j MASQUERADE > COMMIT > # Completed on Sat Jun 15 13:26:33 2013 > # Generated by iptables-save v1.4.16.2 on Sat Jun 15 13:26:33 2013 > *mangle > :PREROUTING ACCEPT [3250861:2486027770] > :INPUT ACCEPT [2557761:1301267981] > :FORWARD ACCEPT [444644:1094901100] > :OUTPUT ACCEPT [1919457:2636518995] > :POSTROUTING ACCEPT [2364615:3731498365] > -A POSTROUTING -o virbr0 -p udp -m udp --dport 68 -j CHECKSUM --checksum-fill > COMMIT > # Completed on Sat Jun 15 13:26:33 2013 > # Generated by iptables-save v1.4.16.2 on Sat Jun 15 13:26:33 2013 > *filter > :INPUT ACCEPT [2557761:1301267981] > :FORWARD ACCEPT [0:0] > :OUTPUT ACCEPT [1919457:2636518995] > -A INPUT -i virbr0 -p udp -m udp --dport 53 -j ACCEPT > -A INPUT -i virbr0 -p tcp -m tcp --dport 53 -j ACCEPT > -A INPUT -i virbr0 -p udp -m udp --dport 67 -j ACCEPT > -A INPUT -i virbr0 -p tcp -m tcp --dport 67 -j ACCEPT > -A FORWARD -d 192.168.122.0/24 -o virbr0 -m conntrack --ctstate > RELATED,ESTABLISHED -j ACCEPT > -A FORWARD -s 192.168.122.0/24 -i virbr0 -j ACCEPT > -A FORWARD -i virbr0 -o virbr0 -j ACCEPT > -A FORWARD -o virbr0 -j REJECT --reject-with icmp-port-unreachable > -A FORWARD -i virbr0 -j REJECT --reject-with icmp-port-unreachable > COMMIT > # Completed on Sat Jun 15 13:26:33 2013 > > digimer > > On 06/15/2013 01:09 PM, Digimer wrote: >> Hi all, >> >> I'm trying to play with pacemaker on fedora 19 (pre-release) and I am >> having trouble getting the guests to talk to the host. >> >> From the host, I can run; >> >> lemass:/home/digimer# fence_xvm -o list >> pcmk1 83f6abdc-bb48-d794-4aca-13f091f32c8b on >> pcmk2 2d778455-de7d-a9fa-994c-69d7b079fda8 on >> >> I can fence the guests from the host as well. However, I can not get the >> list (or fence) from the quests; >> >> [root@pcmk1 ~]# fence_xvm -o list >> Timed out waiting for response >> Operation failed >> >> I suspect a multicast issue, but so far as I can tell, multicast is >> enabled on the bridge; >> >> lemass:/home/digimer# ifconfig >> virbr0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 >> inet 192.168.122.1 netmask 255.255.255.0 broadcast >> 192.168.122.255 >> ether 52:54:00:da:90:a1 txqueuelen 0 (Ethernet) >> RX packets 103858 bytes 8514464 (8.1 MiB) >> RX errors 0 dropped 0 overruns 0 frame 0 >> TX packets 151988 bytes 177742562 (169.5 MiB) >> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 >> >> vnet0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 >> inet6 fe80::fc54:ff:feed:3701 prefixlen 64 scopeid 0x20<link> >> ether fe:54:00:ed:37:01 txqueuelen 500 (Ethernet) >> RX packets 212828 bytes 880551892 (839.7 MiB) >> RX errors 0 dropped 0 overruns 0 frame 0 >> TX packets 225430 bytes 182955760 (174.4 MiB) >> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 >> >> vnet1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 >> inet6 fe80::fc54:ff:fe45:e9ae prefixlen 64 scopeid 0x20<link> >> ether fe:54:00:45:e9:ae txqueuelen 500 (Ethernet) >> RX packets 4840 bytes 587902 (574.1 KiB) >> RX errors 0 dropped 0 overruns 0 frame 0 >> TX packets 7495 bytes 899578 (878.4 KiB) >> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 >> >> I tried specifying the mcast address and port without success. >> >> The host's config is: >> >> lemass:/home/digimer# cat /etc/fence_virt.conf >> backends { >> libvirt { >> uri = "qemu:///system"; >> } >> >> } >> >> listeners { >> multicast { >> port = "1229"; >> family = "ipv4"; >> interface = "virbr0"; >> address = "239.192.214.190"; >> key_file = "/etc/cluster/fence_xvm.key"; >> } >> >> } >> >> fence_virtd { >> module_path = "/usr/lib64/fence-virt"; >> backend = "libvirt"; >> listener = "multicast"; >> } >> >> The cluster forms and corosync is using multicast, so I am not sure if >> mcast really is the problem. >> >> Any tips/help? >> >> Thanks! >> > > > -- > Digimer > Papers and Projects: https://alteeve.ca/w/ > What if the cure for cancer is trapped in the mind of a person without access > to education? > > _______________________________________________ > Pacemaker mailing list: Pacemaker@oss.clusterlabs.org > http://oss.clusterlabs.org/mailman/listinfo/pacemaker > > Project Home: http://www.clusterlabs.org > Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf > Bugs: http://bugs.clusterlabs.org _______________________________________________ Pacemaker mailing list: Pacemaker@oss.clusterlabs.org http://oss.clusterlabs.org/mailman/listinfo/pacemaker Project Home: http://www.clusterlabs.org Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf Bugs: http://bugs.clusterlabs.org
