Re: KVM induced panic on 2.6.38[2367] & 2.6.39

[Brad Campbell]

On 01/06/11 19:18, CaT wrote:
> On Wed, Jun 01, 2011 at 06:53:31PM +0800, Brad Campbell wrote:
> > I rebooted into a netfilter kernel, and did all the steps I'd used
> > on the no-netfilter kernel and it ticked along happily.
> >
> > So the result of the experiment is inconclusive. Having said that,
> > the backtraces certainly smell networky.
> >
> > To get it to crash, I have to start IE in the VM and https to the
> > public address of the machine, which is then redirected by netfilter
> > back into another of the VM's.
> >
> > I can https directly to the other VM's address, but that does not
> > cause it to crash, however without netfilter loaded I can't bounce
> > off the public IP. It's all rather confusing really.
> >
> > What next Sherlock?
>
> I think you're hitting something I've seen. Can you try rewriting
> your firewall rules so that it does not reference any bridge
> interfaces at all. Instead, reference the real interface names
> in their place. I'm betting it wont crash.

Unfortunately the only interface that is mentioned by name anywhere in 
my firewall is $DMZ (which is ppp0 and not part of any bridge).

All of the nat/dnat and other horrible hacks are based on IP addresses.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/