On Wed, Apr 25, 2018 at 11:25 PM, Laine Stump <[email protected]> wrote:
> When an nwfilter rule sets the parameter CTRL_IP_LEARNING to "dhcp", > this turns on the "dhcpsnoop" thread, which uses libpcap to monitor > traffic on the domain's tap device and extract the IP address from the > DHCP response. > > If libpcap on the host is built with TPACKET_V3 defined, the dhcpsnoop > code's initialization of the libpcap socket fails with the following > error: > > virNWFilterSnoopDHCPOpen:1134 : internal error: pcap_setfilter: can't > remove kernel filter: Bad file descriptor > > It turns out that this was because libpcap with TPACKET_V3 defined > requires a larger buffer size than libvirt was setting (we were > setting it to 128k). Changing the buffer size to 256k eliminates the > error, and the dhcpsnoop thread once again works properly. > > Thanks to Christian Ehrhardt <[email protected]> for discovering that > buffer size was the problem. > > Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1547237 > Signed-off-by: Laine Stump <[email protected]> > --- > src/nwfilter/nwfilter_dhcpsnoop.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/src/nwfilter/nwfilter_dhcpsnoop.c b/src/nwfilter/nwfilter_ > dhcpsnoop.c > index 6069e70460..62eb617515 100644 > --- a/src/nwfilter/nwfilter_dhcpsnoop.c > +++ b/src/nwfilter/nwfilter_dhcpsnoop.c > @@ -259,7 +259,7 @@ struct _virNWFilterDHCPDecodeJob { > * libpcap 1.5 requires a 128kb buffer > * 128 kb is bigger than (DHCP_PKT_BURST * PCAP_PBUFSIZE / 2) > */ > I just started building with the change for a few tests on this - no results yet. But we are all puzzled/unsure enough on the size that I'd already ask to modify the comment above to explain the new size. Maybe we should explain: - why 128 isn't enough - why you chose "only" 256 - why the default size might be too big - your size considerations for many guest scenarios That will help the next one stumbling over this code. > -# define PCAP_BUFFERSIZE (128 * 1024) > +# define PCAP_BUFFERSIZE (256 * 1024) > > # define MAX_QUEUED_JOBS (DHCP_PKT_BURST + 2 * DHCP_PKT_RATE) > > -- > 2.14.3 > > -- > libvir-list mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/libvir-list > -- Christian Ehrhardt Software Engineer, Ubuntu Server Canonical Ltd
-- libvir-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/libvir-list
