Public bug reported:
Description: Ubuntu 16.04.3 LTS
Release: 16.04
libvirt-bin:
Installed: 1.3.1-1ubuntu10.14
Candidate: 1.3.1-1ubuntu10.14
The starting/stopping time of the domain is dramatically increased after
adding nw-filter rule:
Actual timings:
--------------
# time virsh destroy 9000
Domain 9000 destroyed
real 0m9.252s
user 0m0.024s
sys 0m0.000s
Expected timings: (without active filterref item)
----------------
$ time virsh destroy 9000
Domain 9000 destroyed
real 0m0.633s
user 0m0.012s
sys 0m0.008s
Steps to reproduce:
------------------
1. Enable any firewall rule, which is shipped with a package. In example
it could be allow-arp:
<interface type='bridge'>
<mac address='52:54:00:86:69:a7'/>
<source bridge='br0'/>
<model type='virtio'/>
<filterref filter='allow-arp'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03'
function='0x0'/>
</interface>
2. Stop domain:
$ virsh destroy 9000
3. Start domain:
$ LIBVIRT_DEBUG=debug virsh start 9000
Debug output attached as libvirt-debug.log
** Affects: libvirt (Ubuntu)
Importance: Undecided
Status: New
** Attachment added: "libvirt-debug.log"
https://bugs.launchpad.net/bugs/1727366/+attachment/4994596/+files/libvirt-debug.log
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1727366
Title:
virsh start/destroy is too slow after adding firewall rule
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1727366/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
