network bridge fails to connect to the internet

Kernels & Hardware, configuring network, installing services

network bridge fails to connect to the internet

Postby devzero » 2017-02-06 15:38

Hi guys,

I just tried to configure a virtual network bridge for Xen on my home server (Jessie).
This server is part of a home subnet behind an AVM FritzBox 7362 SL router and connected via ethernet.
The FritzBox itself takes the 192.168.178.1 and is configured to always issue the 192.168.178.73 to the server.

Before establishing the bridge:
Code: Select all
# cat /etc/network/interfaces
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet dhcp

, everything works just fine.

But when I configure the bridge:
Code: Select all
# cat /etc/network/interfaces
auto lo
iface lo inet loopback

iface eth0 inet manual
auto xenbr0
iface xenbr0 inet static
        bridge_ports eth0
        address 192.168.178.73
        broadcast 192.168.178.255
        netmask 255.255.255.0
        gateway 192.168.178.1
allow-hotplug xenbr0

... and reboot, the problems occur:

I still can ssh into the server, but:
Code: Select all
# ping debian.org
ping: unknown host debian.org

# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
From 192.168.178.73 icmp_seq=1 Destination Host Unreachable
From 192.168.178.73 icmp_seq=2 Destination Host Unreachable
From 192.168.178.73 icmp_seq=3 Destination Host Unreachable
From 192.168.178.73 icmp_seq=4 Destination Host Unreachable
From 192.168.178.73 icmp_seq=5 Destination Host Unreachable
From 192.168.178.73 icmp_seq=6 Destination Host Unreachable
From 192.168.178.73 icmp_seq=7 Destination Host Unreachable
From 192.168.178.73 icmp_seq=8 Destination Host Unreachable
From 192.168.178.73 icmp_seq=9 Destination Host Unreachable
From 192.168.178.73 icmp_seq=10 Destination Host Unreachable
From 192.168.178.73 icmp_seq=11 Destination Host Unreachable
From 192.168.178.73 icmp_seq=12 Destination Host Unreachable
From 192.168.178.73 icmp_seq=13 Destination Host Unreachable
From 192.168.178.73 icmp_seq=14 Destination Host Unreachable
From 192.168.178.73 icmp_seq=15 Destination Host Unreachable
From 192.168.178.73 icmp_seq=16 Destination Host Unreachable
From 192.168.178.73 icmp_seq=17 Destination Host Unreachable
From 192.168.178.73 icmp_seq=18 Destination Host Unreachable
^C
--- 8.8.8.8 ping statistics ---
19 packets transmitted, 0 received, +18 errors, 100% packet loss, time 17999ms
pipe 3

# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master xenbr0 state UP group default qlen 1000
    link/ether b8:ae:ed:7f:9e:17 brd ff:ff:ff:ff:ff:ff
    inet 192.168.178.73/24 brd 192.168.178.255 scope global eth0
       valid_lft forever preferred_lft forever
3: xenbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
    link/ether b8:ae:ed:7f:9e:17 brd ff:ff:ff:ff:ff:ff
    inet 192.168.178.73/24 brd 192.168.178.255 scope global xenbr0
       valid_lft forever preferred_lft forever
    inet6 fe80::baae:edff:fe7f:9e17/64 scope link
       valid_lft forever preferred_lft forever

# route -n
Kernel-IP-Routentabelle
Ziel            Router          Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.178.1   0.0.0.0         UG    0      0        0 eth0
192.168.178.0   0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.168.178.0   0.0.0.0         255.255.255.0   U     0      0        0 xenbr0

# route
Kernel-IP-Routentabelle
Ziel            Router          Genmask         Flags Metric Ref    Use Iface
default         192.168.178.1   0.0.0.0         UG    0      0        0 eth0
192.168.178.0   *               255.255.255.0   U     0      0        0 eth0
192.168.178.0   *               255.255.255.0   U     0      0        0 xenbr0

# ping 192.168.178.1
PING 192.168.178.1 (192.168.178.1) 56(84) bytes of data.
From 192.168.178.73 icmp_seq=1 Destination Host Unreachable
From 192.168.178.73 icmp_seq=2 Destination Host Unreachable
From 192.168.178.73 icmp_seq=3 Destination Host Unreachable
From 192.168.178.73 icmp_seq=4 Destination Host Unreachable
From 192.168.178.73 icmp_seq=5 Destination Host Unreachable
From 192.168.178.73 icmp_seq=6 Destination Host Unreachable
From 192.168.178.73 icmp_seq=7 Destination Host Unreachable
From 192.168.178.73 icmp_seq=8 Destination Host Unreachable
From 192.168.178.73 icmp_seq=9 Destination Host Unreachable
From 192.168.178.73 icmp_seq=10 Destination Host Unreachable
From 192.168.178.73 icmp_seq=11 Destination Host Unreachable
From 192.168.178.73 icmp_seq=12 Destination Host Unreachable
From 192.168.178.73 icmp_seq=13 Destination Host Unreachable
From 192.168.178.73 icmp_seq=14 Destination Host Unreachable
From 192.168.178.73 icmp_seq=15 Destination Host Unreachable
^C
--- 192.168.178.1 ping statistics ---
16 packets transmitted, 0 received, +15 errors, 100% packet loss, time 15080ms
pipe 3

After 15 min. even the ssh connection breaks down, which is really weird...

So... somehow the gateway always seems to refuse the server when the bridge is established.

Anyone an idea how to make the gateway accept the network bridge?
devzero
 
Posts: 5
Joined: 2016-11-14 04:03

Re: network bridge fails to connect to the internet

Postby devzero » 2017-03-14 04:18

Ok, after a few weeks of fiddling around I realized: the problem has NOT been the router.

It's the routing table which caused the problem.
remember? ->
Code: Select all
me@debian8 # route -n
Kernel-IP-Routentabelle
Ziel            Router          Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.178.1   0.0.0.0         UG    0      0        0 eth0
192.168.178.0   0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.168.178.0   0.0.0.0         255.255.255.0   U     0      0        0 xenbr0

I compared this to a working Xen setup on an OpenSUSE system:
Code: Select all
me@opensuse # route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.178.1   0.0.0.0         UG    0      0        0 br0
192.168.178.0   0.0.0.0         255.255.255.0   U     0      0        0 br0

So back to my Debian system:
I flushed the routing table and made it look like the one in the OpenSUSE system above:
Code: Select all
me@debian8 # ip route flush all
me@debian8 # route add -net 192.168.178.0/24 dev xenbr0
me@debian8 # route add -net 0.0.0.0/0 gw 192.168.178.1 dev xenbr0
me@debian8 # route -n
Kernel-IP-Routentabelle
Ziel            Router          Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.178.1   0.0.0.0         UG    0      0        0 xenbr0
192.168.178.0   0.0.0.0         255.255.255.0   U     0      0        0 xenbr0

... and suddenly the connection to the local network as well as to the internet works without any problems.

So I wrote a little script and hooked it into my /etc/rc.local:
Code: Select all
#!/bin/bash

##  SYNOPSIS:     /usr/local/bin/reroute.sh [<subnet in CIDR notation>] [gateway address]

declare SN="192.168.178.0/24"
declare GW="192.168.178.1"
declare DEV="xenbr0"

declare -i X=0

[[ -n "$1" ]] && unset GW && SN=$1
[[ -n "$2" ]] && GW=$2

ip route flush all || X+=1
route add -net $SN dev $DEV || X+=2
route add -net 0.0.0.0/0 gw $GW dev $DEV || X+=4

exit $X

It works, but it's just a workaround...

I would like to know why the system is creating an incorrect routing table at bootup in the first place.
Guess it has to do something with /etc/network/interfaces ?
Code: Select all
me@debian8 # cat /etc/network/interfaces
iface xenbr0 inet manual
auto xenbr0
iface xenbr0 inet static
        bridge_ports eth0
        address 192.168.178.73
        broadcast 192.168.178.255
        netmask 255.255.255.0
        gateway 192.168.178.1

... but I can't figure out what's wrong with it.

Anyone an idea?
devzero
 
Posts: 5
Joined: 2016-11-14 04:03


Return to System configuration

Who is online

Users browsing this forum: No registered users and 5 guests

fashionable