Re: KVM induced panic on 2.6.38[2367] & 2.6.39

From: Brad Campbell
Date: Wed Jun 01 2011 - 07:52:53 EST

On 01/06/11 19:18, CaT wrote:
> On Wed, Jun 01, 2011 at 06:53:31PM +0800, Brad Campbell wrote:
> > I rebooted into a netfilter kernel, and did all the steps I'd used
> > on the no-netfilter kernel and it ticked along happily.
> >
> > So the result of the experiment is inconclusive. Having said that,
> > the backtraces certainly smell networky.
> >
> > To get it to crash, I have to start IE in the VM and https to the
> > public address of the machine, which is then redirected by netfilter
> > back into another of the VMs.
> >
> > I can https directly to the other VM's address, but that does not
> > cause it to crash, however without netfilter loaded I can't bounce
> > off the public IP. It's all rather confusing really.
> >
> > What next Sherlock?
>
> I think you're hitting something I've seen. Can you try rewriting
> your firewall rules so that it does not reference any bridge
> interfaces at all. Instead, reference the real interface names
> in their place. I'm betting it won't crash.

Unfortunately the only interface that is mentioned by name anywhere in my firewall is $DMZ (which is ppp0 and not part of any bridge).

All of the nat/dnat and other horrible hacks are based on IP addresses.
