Xen/Ubuntu: Host to Guest Bridge Traffic Problem


Problem. New Ubuntu/Xen host/guest combos seem to work perfectly except for a lack of host to guest ethernet traffic flow.

Specifically. I create xen hosts and guests using the default/routine commands/processes and get the result of no ethernet traffic flow from the host to the guest as each pings the other.

Fault observations. Comparing the output of a number of troubleshooting commands on this machine to the same commands on a machine that works perfectly, the following two discrepancies are the only differences that I have been able to identify.

1/. Monitoring both the host bridge xenbr0 and the guest eth0 with tcpdump as the guest pings the host shows that ARP packets transit from guest to host with the responses visible on the host xenbr0 but not on the guest eth0 interface.

2/. Similarly the command ## brctl showmacs xenbr0 provides the expected output, however the 00:16:3e:xx:xx:xx addresses of the guests are missing.

A bit of detail of host/guest creation. I create a new Xen host by creating an install usb key from and then run ## apt-get install xen-hypervisor-amd64 etc which results in a host machine that seems to me to operate as usual.

Similarly I create guests using ## xen-create-image onto LVM with settings to allocate a fixed IP address to the guest. Again the guest seems to operate as normal when accessed via ## xl console guest

Some detail on the systems. Host and guest of the failing system are running netplan and the mobo is Asrock J3160 Itx. I’ve tried the possible combinations of Ubuntu 20.04, 22.04, host and guest including a known good guest on both a 20.04 and a 22.04 host. Results of each test the same (as far as I can tell).

Troubleshooting tools. I’ve valued Ubuntu/Xen for more than a decade. Rebuilds have “just worked”. I am now seeking tools/help to troubleshoot and resolve this issue.


I think you might be getting this bug described here:
5.15.0-58.64 breaks xen bridge networking (pvh domU)

tl;dr from that bug report is apparently this is a regression related to a security fix. There's a fix currently being tested. The kernel version which has the potential fix is 5.15.0-66

To solve (best solution):

Wait. Bug fixes should come through as part of your usual apt-get update && apt-get upgrade. I'd wait a few days and try updating.

For an immediate fix (less recommended):

Subscribe to pre-releases to get the most up-to-date kernel.

  1. Add deb bionic-proposed main to the file /etc/apt/sources.list (note: replace "bionic" with your current distro if you're using a different Ubuntu version)
  2. apt-get update
  3. apt-get full-upgrade *
  • Note that apt full-upgrade is necessary here, not simply apt upgrade, as many users are in the habit of typing. The full-upgrade portion of the command will instruct Ubuntu to also upgrade the system kernel. You will then need to reboot the system in order to utilize the new kernel.

Again the target version for the fix is 5.15.0-66 so you should see a message like:

The following NEW packages will be installed:
linux-headers-5.15.0-66 linux-headers-5.15.0-66-generic linux-modules- 

when you run apt-get full-upgrade
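
A quick check for the two things this thread turns on, as an added example (not code from the original posts): whether the running kernel sits between the reported-broken 5.15.0-58 and the candidate-fix 5.15.0-66, and whether any guest 00:16:3e MACs have been learned on the bridge. The function names and the sample `brctl showmacs` output are constructed, and treating every ABI number between 58 and 66 as affected is an assumption.

```shell
#!/bin/sh
# Added example; the two thresholds are the kernel versions named in the thread.
# Assumption: every 5.15.0 ABI from 58 up to (not including) 66 is affected.
BROKEN_ABI=58
FIXED_ABI=66

# kernel_status RELEASE: classify a `uname -r` string such as 5.15.0-58-generic.
kernel_status() {
    case $1 in
        5.15.0-*) ;;
        *) echo other-series; return 0 ;;   # e.g. 5.4.x: not classified here
    esac
    abi=${1#5.15.0-}    # strip the series prefix  -> "58-generic"
    abi=${abi%%-*}      # strip the flavour suffix -> "58"
    case $abi in ''|*[!0-9]*) echo unknown; return 0 ;; esac
    if [ "$abi" -lt "$BROKEN_ABI" ]; then echo earlier
    elif [ "$abi" -lt "$FIXED_ABI" ]; then echo affected
    else echo fixed-or-later
    fi
}

# count_guest_macs: read `brctl showmacs <bridge>` output on stdin and count
# learned (non-local) entries that carry the Xen guest prefix 00:16:3e.
count_guest_macs() {
    awk 'NR > 1 && $3 == "no" && tolower($2) ~ /^00:16:3e:/ { n++ }
         END { print n + 0 }'
}

# Constructed sample: bridge that has learned no guest MACs (the symptom).
SAMPLE_BROKEN='port no mac addr                is local?       ageing timer
  1     02:00:00:00:00:01       yes                0.00
  2     fe:ff:ff:ff:ff:ff       yes                0.00'

# Constructed sample: bridge that has learned two guest MACs.
SAMPLE_OK='port no mac addr                is local?       ageing timer
  1     02:00:00:00:00:01       yes                0.00
  2     00:16:3e:00:00:0a       no                 1.20
  2     fe:ff:ff:ff:ff:ff       yes                0.00
  3     00:16:3E:00:00:0b       no                 0.40'

echo "5.15.0-58-generic: $(kernel_status 5.15.0-58-generic)"
echo "guest MACs (broken sample): $(printf '%s\n' "$SAMPLE_BROKEN" | count_guest_macs)"
echo "guest MACs (working sample): $(printf '%s\n' "$SAMPLE_OK" | count_guest_macs)"
# On a live host: kernel_status "$(uname -r)"; brctl showmacs xenbr0 | count_guest_macs
```

A count of 0 while guests are running and pinging matches the second fault observation in the question; run the check again after rebooting into the upgraded kernel.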

XenKiwi
Many thanks curios. I tried your Immediate "less recommended" fix ending up with 5.4.0-144 on Focal 20.4 and pings back and forth. Struggled with this since about 20th January. Burned lots of hours. My first post here. So again many thanks curios for identifying the link between my problem and the security fix. I'll blow my server away and rebuild everything from scratch sometime soon.