New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

after qvm-killing sys-net, can't restart it, Mac address in use (R4.0-rc1) #3163

Closed
0spinboson opened this Issue Oct 9, 2017 · 17 comments

Comments

@0spinboson

Qubes OS version (e.g., R3.2):

R4.0-rc1

Affected TemplateVMs (e.g., fedora-23, if applicable):

debian-8


Steps to reproduce the behavior:

start, then qvm-kill sys-net, then try to restart it.

Expected behavior:

sys-net boots

Actual behavior:

sys-net fails to boot, error message is displayed about mac address.

@schnurentwickler

This comment has been minimized.

Show comment
Hide comment
@schnurentwickler

schnurentwickler Oct 11, 2017

That also happens in Qubes 3.2.
Because a clean shutdown is missing, some missing command cannot release the xen mac address. (I think) After some time waiting the restart works without any error. (only if the sys-net VM boots up successfully and then and only then the following network-ordered ProxyVM starts.)

schnurentwickler commented Oct 11, 2017

That also happens in Qubes 3.2.
Because a clean shutdown is missing, some missing command cannot release the xen mac address. (I think) After some time waiting the restart works without any error. (only if the sys-net VM boots up successfully and then and only then the following network-ordered ProxyVM starts.)

@ERFier

This comment has been minimized.

Show comment
Hide comment
@ERFier

ERFier Nov 2, 2017

I had a similar issue in R4 rc2. It turned out that I can restart sys-net if i shutdown the attached sys-firewall. I dont know how its working in detail but it seems like the connected VM keeps the pipe open and the restarted vm tries to create a new one with the same MAC. Once the connected vm is shut down the channel is freed and sys-net can create it again.

ERFier commented Nov 2, 2017

I had a similar issue in R4 rc2. It turned out that I can restart sys-net if i shutdown the attached sys-firewall. I dont know how its working in detail but it seems like the connected VM keeps the pipe open and the restarted vm tries to create a new one with the same MAC. Once the connected vm is shut down the channel is freed and sys-net can create it again.

@marmarek

This comment has been minimized.

Show comment
Hide comment
@marmarek

marmarek Jan 8, 2018

Member

This is user visible effect of missing libvirt functionality: #1426. Closing as duplicate.

Member

marmarek commented Jan 8, 2018

This is user visible effect of missing libvirt functionality: #1426. Closing as duplicate.

@marmarek marmarek closed this Jan 8, 2018

@marmarek marmarek added the duplicate label Jan 8, 2018

@marmarek

This comment has been minimized.

Show comment
Hide comment
@marmarek

marmarek Jan 29, 2018

Member

I'm reopening this one, because there may be a way to allow this particular functionality (restarting sys-net without restarting all other VMs) without fully implementing missing underlying functionality (#1426).

Member

marmarek commented Jan 29, 2018

I'm reopening this one, because there may be a way to allow this particular functionality (restarting sys-net without restarting all other VMs) without fully implementing missing underlying functionality (#1426).

@marmarek marmarek reopened this Jan 29, 2018

marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Jan 29, 2018

vm/mix/net: fix handling network detach/attach on VM startup
- catch both QubesException and libvirtError - do not kill starting VM
just because an error while connecting _other_ VMs to it
- try to detach network first (and do not abort on error) - if
libvirt/libxl will manage to cleanup stale interface this way, the
attach operation below may succeed.

Fixes QubesOS/qubes-issues#3163

@marmarek marmarek removed the duplicate label Jan 29, 2018

@qubesos-bot

This comment has been minimized.

Show comment
Hide comment
@qubesos-bot

qubesos-bot Jan 29, 2018

Automated announcement from builder-github

The package qubes-core-dom0-4.0.21-1.fc25 has been pushed to the r4.0 testing repository for dom0.
To test this update, please install it with the following command:

sudo qubes-dom0-update --enablerepo=qubes-dom0-current-testing

Changes included in this update

Automated announcement from builder-github

The package qubes-core-dom0-4.0.21-1.fc25 has been pushed to the r4.0 testing repository for dom0.
To test this update, please install it with the following command:

sudo qubes-dom0-update --enablerepo=qubes-dom0-current-testing

Changes included in this update

@qubesos-bot qubesos-bot referenced this issue in QubesOS/updates-status Jan 29, 2018

Closed

core-admin v4.0.21 (r4.0) #395

@qubesos-bot

This comment has been minimized.

Show comment
Hide comment
@qubesos-bot

qubesos-bot Jan 30, 2018

Automated announcement from builder-github

The package xen_4.8.3-2+deb10u1 has been pushed to the r4.0 testing repository for the Debian template.
To test this update, first enable the testing repository in /etc/apt/sources.list.d/qubes-*.list by uncommenting the line containing buster-testing (or appropriate equivalent for your template version), then use the standard update command:

sudo apt-get update && sudo apt-get dist-upgrade

Changes included in this update

Automated announcement from builder-github

The package xen_4.8.3-2+deb10u1 has been pushed to the r4.0 testing repository for the Debian template.
To test this update, first enable the testing repository in /etc/apt/sources.list.d/qubes-*.list by uncommenting the line containing buster-testing (or appropriate equivalent for your template version), then use the standard update command:

sudo apt-get update && sudo apt-get dist-upgrade

Changes included in this update

@qubesos-bot

This comment has been minimized.

Show comment
Hide comment
@qubesos-bot

qubesos-bot Jan 30, 2018

Automated announcement from builder-github

The package xen_4.8.3-2+deb9u1 has been pushed to the r4.0 testing repository for the Debian template.
To test this update, first enable the testing repository in /etc/apt/sources.list.d/qubes-*.list by uncommenting the line containing stretch-testing (or appropriate equivalent for your template version), then use the standard update command:

sudo apt-get update && sudo apt-get dist-upgrade

Changes included in this update

Automated announcement from builder-github

The package xen_4.8.3-2+deb9u1 has been pushed to the r4.0 testing repository for the Debian template.
To test this update, first enable the testing repository in /etc/apt/sources.list.d/qubes-*.list by uncommenting the line containing stretch-testing (or appropriate equivalent for your template version), then use the standard update command:

sudo apt-get update && sudo apt-get dist-upgrade

Changes included in this update

@qubesos-bot

This comment has been minimized.

Show comment
Hide comment
@qubesos-bot

qubesos-bot Jan 30, 2018

Automated announcement from builder-github

The package vmm-xen has been pushed to the r4.0 testing repository for the CentOS centos7 template.
To test this update, please install it with the following command:

sudo yum update --enablerepo=qubes-vm-r4.0-current-testing

Changes included in this update

Automated announcement from builder-github

The package vmm-xen has been pushed to the r4.0 testing repository for the CentOS centos7 template.
To test this update, please install it with the following command:

sudo yum update --enablerepo=qubes-vm-r4.0-current-testing

Changes included in this update

@qubesos-bot

This comment has been minimized.

Show comment
Hide comment
@qubesos-bot

qubesos-bot Jan 30, 2018

Automated announcement from builder-github

The package python2-xen-4.8.3-2.fc25 has been pushed to the r4.0 testing repository for dom0.
To test this update, please install it with the following command:

sudo qubes-dom0-update --enablerepo=qubes-dom0-current-testing

Changes included in this update

Automated announcement from builder-github

The package python2-xen-4.8.3-2.fc25 has been pushed to the r4.0 testing repository for dom0.
To test this update, please install it with the following command:

sudo qubes-dom0-update --enablerepo=qubes-dom0-current-testing

Changes included in this update

@qubesos-bot

This comment has been minimized.

Show comment
Hide comment
@qubesos-bot

qubesos-bot Jan 30, 2018

Automated announcement from builder-github

The component vmm-xen (including package python2-xen-4.8.3-2.fc26) has been pushed to the r4.0 testing repository for the Fedora template.
To test this update, please install it with the following command:

sudo yum update --enablerepo=qubes-vm-r4.0-current-testing

Changes included in this update

Automated announcement from builder-github

The component vmm-xen (including package python2-xen-4.8.3-2.fc26) has been pushed to the r4.0 testing repository for the Fedora template.
To test this update, please install it with the following command:

sudo yum update --enablerepo=qubes-vm-r4.0-current-testing

Changes included in this update

@qubesos-bot

This comment has been minimized.

Show comment
Hide comment
@qubesos-bot

qubesos-bot Feb 6, 2018

Automated announcement from builder-github

The package vmm-xen has been pushed to the r4.0 stable repository for the Fedora centos7 template.
To install this update, please use the standard update command:

sudo yum update

Changes included in this update

Automated announcement from builder-github

The package vmm-xen has been pushed to the r4.0 stable repository for the Fedora centos7 template.
To install this update, please use the standard update command:

sudo yum update

Changes included in this update

@qubesos-bot

This comment has been minimized.

Show comment
Hide comment
@qubesos-bot

qubesos-bot Feb 6, 2018

Automated announcement from builder-github

The package xen_2001:4.8.3-2+deb9u1 has been pushed to the r4.0 stable repository for the Debian template.
To install this update, please use the standard update command:

sudo apt-get update && sudo apt-get dist-upgrade

Changes included in this update

Automated announcement from builder-github

The package xen_2001:4.8.3-2+deb9u1 has been pushed to the r4.0 stable repository for the Debian template.
To install this update, please use the standard update command:

sudo apt-get update && sudo apt-get dist-upgrade

Changes included in this update

@qubesos-bot

This comment has been minimized.

Show comment
Hide comment
@qubesos-bot

qubesos-bot Feb 6, 2018

Automated announcement from builder-github

The package qubes-core-dom0-4.0.21-1.fc25 has been pushed to the r4.0 stable repository for dom0.
To install this update, please use the standard update command:

sudo qubes-dom0-update

Or update dom0 via Qubes Manager.

Changes included in this update

Automated announcement from builder-github

The package qubes-core-dom0-4.0.21-1.fc25 has been pushed to the r4.0 stable repository for dom0.
To install this update, please use the standard update command:

sudo qubes-dom0-update

Or update dom0 via Qubes Manager.

Changes included in this update

@qubesos-bot

This comment has been minimized.

Show comment
Hide comment
@qubesos-bot

qubesos-bot Feb 6, 2018

Automated announcement from builder-github

The package python2-xen-4.8.3-2.fc25 has been pushed to the r4.0 stable repository for dom0.
To install this update, please use the standard update command:

sudo qubes-dom0-update

Or update dom0 via Qubes Manager.

Changes included in this update

Automated announcement from builder-github

The package python2-xen-4.8.3-2.fc25 has been pushed to the r4.0 stable repository for dom0.
To install this update, please use the standard update command:

sudo qubes-dom0-update

Or update dom0 via Qubes Manager.

Changes included in this update

@andrewdavidwong

This comment has been minimized.

Show comment
Hide comment
@andrewdavidwong

andrewdavidwong Feb 6, 2018

Member

I'm reopening this one, because there may be a way to allow this particular functionality (restarting sys-net without restarting all other VMs) without fully implementing missing underlying functionality (#1426).

Is there any reason not to implement the "restarting sys-net without restarting all other VMs" feature as a script that performs the steps below?

  1. Sets the netvms of all ProxyVMs depending on sys-net to none.
  2. Shuts down sys-net.
  3. Starts sys-net.
  4. Sets the netvms of all ProxyVMs modified in step 1 back to sys-net.

I personally use a simple bash script for this (because the only ProxyVM I have to modify is sys-firewall).

Edit: Oh, I think I see now. The problem is that there's a bug that prevents step 3 from occurring, because sys-net won't start back up again after it's been shut down. Is that right?

Member

andrewdavidwong commented Feb 6, 2018

I'm reopening this one, because there may be a way to allow this particular functionality (restarting sys-net without restarting all other VMs) without fully implementing missing underlying functionality (#1426).

Is there any reason not to implement the "restarting sys-net without restarting all other VMs" feature as a script that performs the steps below?

  1. Sets the netvms of all ProxyVMs depending on sys-net to none.
  2. Shuts down sys-net.
  3. Starts sys-net.
  4. Sets the netvms of all ProxyVMs modified in step 1 back to sys-net.

I personally use a simple bash script for this (because the only ProxyVM I have to modify is sys-firewall).

Edit: Oh, I think I see now. The problem is that there's a bug that prevents step 3 from occurring, because sys-net won't start back up again after it's been shut down. Is that right?

@marmarek

This comment has been minimized.

Show comment
Hide comment
@marmarek

marmarek Feb 6, 2018

Member

The problem is that there's a bug that prevents step 3 from occurring, because sys-net won't start back up again after it's been shut down. Is that right?

Yes. Also step 1 breaks if sys-net is already crashed.
And I think I've fixed both things already. It should be possible to start sys-net again, after it being shutdown for whatever reason, even without detaching network first. This isn't the proper fix, mostly a workaround, but I hope an effective one.

Member

marmarek commented Feb 6, 2018

The problem is that there's a bug that prevents step 3 from occurring, because sys-net won't start back up again after it's been shut down. Is that right?

Yes. Also step 1 breaks if sys-net is already crashed.
And I think I've fixed both things already. It should be possible to start sys-net again, after it being shutdown for whatever reason, even without detaching network first. This isn't the proper fix, mostly a workaround, but I hope an effective one.

marmarek added a commit to QubesOS/qubes-core-admin that referenced this issue Feb 17, 2018

vm/mix/net: fix handling network detach/attach on VM startup
- catch both QubesException and libvirtError - do not kill starting VM
just because an error while connecting _other_ VMs to it
- try to detach network first (and do not abort on error) - if
libvirt/libxl will manage to cleanup stale interface this way, the
attach operation below may succeed.

Fixes QubesOS/qubes-issues#3163

(cherry picked from commit a6a7efc)
Heavily modified for R3.2 codebase.
@qubesos-bot

This comment has been minimized.

Show comment
Hide comment
@qubesos-bot

qubesos-bot Mar 12, 2018

Automated announcement from builder-github

The component vmm-xen (including package python2-xen-4.8.3-3.fc26) has been pushed to the r4.0 stable repository for the Fedora template.
To install this update, please use the standard update command:

sudo yum update

Changes included in this update

Automated announcement from builder-github

The component vmm-xen (including package python2-xen-4.8.3-3.fc26) has been pushed to the r4.0 stable repository for the Fedora template.
To install this update, please use the standard update command:

sudo yum update

Changes included in this update

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment