Page 1 of 2 12 LastLast
Results 1 to 10 of 13
  1. #1
    Newbie
    Join Date
    Nov 2011
    Location
    "Multi-homed"
    Posts
    9

    Default untangle virtual under qemu / kvm . NICs fail to work after two or three days.

    Hello

    I have a setup where we used to install untangle on top of opensuse + vmware server. Now that vmware server does not work on newer builds, we are starting to work on opensuse + kvm / qemu (i5cpu).


    We installed a set of virtual guests (centos, untangle, opensuse, ubuntu server) but what we are seeing is that untangle seems to fail to get to the network after two or three days of operations.

    We didn't seems to find anything on the logs. Rebooting the virtual untangle guest solves the issue most of the times. The other virtuals so far kept working.

    The set up is a br0 which is the external network (a bridge) ,and then br1 which is the internal nic card/bridge. untangle is connected to br0 + br1, while all other guests are connected to br1.

    We tried swapping nic cards (virtio, ne2k, e1000, amd, whatever) but we keep getting the same thing.

    Sometimes rebooting untangle does not work to get it to work again: we need to actually shut down all guests for untangle to see the network again.

    Have you seen something similar with untangle/kvm builds in the past?

  2. #2
    Master Untangler
    Join Date
    Mar 2011
    Location
    Auburn, NY
    Posts
    437

    Default

    I don't think your going to get much response on this as not many use KVM here.

    I happened to make a move on my home network from VirtualBox to KVM over the weekend. I am running CentOS6 as my host and Untangle is obviously the guest. I am also using the bridge networking and everything seems to be well. To make it even more complicated one of my bridges are actually a bond of two Intel NIC's. This seems to be working very well.

    I would suggest looking for errors on one of your interfaces. Look at both the host and the guest for errors. I had an issue with a bad switch port causing a ton of RX errors.

    If all else fails I would look to do NIC passthrough if your device support VT-d I believe it is.

  3. #3
    Newbie
    Join Date
    Nov 2011
    Location
    "Multi-homed"
    Posts
    9

    Default

    Quote Originally Posted by AdamB View Post
    I don't think your going to get much response on this as not many use KVM here.

    I happened to make a move on my home network from VirtualBox to KVM over the weekend. I am running CentOS6 as my host and Untangle is obviously the guest. I am also using the bridge networking and everything seems to be well. To make it even more complicated one of my bridges are actually a bond of two Intel NIC's. This seems to be working very well.

    I would suggest looking for errors on one of your interfaces. Look at both the host and the guest for errors. I had an issue with a bad switch port causing a ton of RX errors.

    If all else fails I would look to do NIC passthrough if your device support VT-d I believe it is.

    Thanks for your answer.

    The physical host is still available and didn't need to be rebooted. We have also fixed the speeds of both physical nic cards a while ago. From what we have seen this far, only the untangle guest seems to be affected. All other guests and the physical host are still available over the same nic card, so that of sorts out the RX/TX errors because os a bad switch, but we'll take a look next time it happens.

    Regards

    note: nic cards are one onboard e1000, and a pci realtek gigabit card. I replied already, but the forum is telling me that it needs moderator approval...
    Last edited by un_yorugua; 11-29-2011 at 12:39 PM.

  4. #4
    Master Untangler
    Join Date
    Mar 2011
    Location
    Auburn, NY
    Posts
    437

    Default

    Quote Originally Posted by un_yorugua View Post
    Thanks for your answer.

    The physical host is still available and didn't need to be rebooted. We have also fixed the speeds of both physical nic cards a while ago. From what we have seen this far, only the untangle guest seems to be affected. All other guests and the physical host are still available over the same nic card, so that of sorts out the RX/TX errors because os a bad switch, but we'll take a look next time it happens.

    Regards
    Just on a side note what brand are these NIC's?

  5. #5
    Newbie
    Join Date
    Nov 2011
    Location
    "Multi-homed"
    Posts
    9

    Default

    Quote Originally Posted by AdamB View Post
    Just on a side note what brand are these NIC's?
    on-board e1000 and a gigabit realtek pci card.

  6. #6
    Newbie
    Join Date
    Nov 2011
    Location
    "Multi-homed"
    Posts
    9

    Default

    Quote Originally Posted by AdamB View Post
    Just on a side note what brand are these NIC's?
    onboard intel e1000 (external net) and gigabit realtek pci card (internal).

  7. #7
    Newbie
    Join Date
    Nov 2011
    Location
    "Multi-homed"
    Posts
    9

    Default

    Quote Originally Posted by AdamB View Post
    Just on a side note what brand are these NIC's?
    Trying again... integrated intel e1000 , and a pci gigabit realtek.

  8. #8
    Master Untangler
    Join Date
    Mar 2011
    Location
    Auburn, NY
    Posts
    437

    Default

    Quote Originally Posted by un_yorugua View Post
    Trying again... integrated intel e1000 , and a pci gigabit realtek.
    When you say Untangle fails to get to the network what exactly do you mean? For example can you hit the internal interface of Untangle but can't get out external? Or is it you can't hit the internal interface? If you can't hit the internal interface how does the external interface look from console? Just trying to get a better idea if you are losing internal or external connectivity.

    Although I haven't had any issues many users in the community will tell you to stay away from Reltek at all costs with Untangle. For some reason Untangle doesn't play well with those nic's.

    When this is happening I would be looking for errors on your interfaces. Along with reviewing all logs in /var/log.

  9. #9
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,510

    Default

    It isn't that they don't work, it's that they are cheap! If you have a good RTL card, it works fine. We have a new appliance based on them. They aren't as quick as the Intels, but they work.

    There are just some really freaking cheap cards out there that do stupid crap. And there are even more cheap PCI busses out there that do even more stupid crap.

    I chant "Go Intel or go home" because an Intel interface, on an Intel PCI bus, powered by an Intel processor, ALWAYS works. If it doesn't work, it will work soon, because Intel will make it work.

    It's really nice to not be in that mode where you're stuck.

    As for what's up here, I have no experience with KVM. You do want to generally use an e1000 emulated nic with an Untangle VM. At least that's worked the best in VMWare.

    You need to try and figure out if the VM is really loosing connectivity, or the host is loosing connectivity. I've had NICs, even Intel ones, shut off when the bus was saturated, it causes all sorts of strange things to happen.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  10. #10
    Newbie
    Join Date
    Nov 2011
    Location
    "Multi-homed"
    Posts
    9

    Default

    Quote Originally Posted by AdamB View Post
    When you say Untangle fails to get to the network what exactly do you mean? For example can you hit the internal interface of Untangle but can't get out external? Or is it you can't hit the internal interface? If you can't hit the internal interface how does the external interface look from console? Just trying to get a better idea if you are losing internal or external connectivity.

    Although I haven't had any issues many users in the community will tell you to stay away from Reltek at all costs with Untangle. For some reason Untangle doesn't play well with those nic's.

    When this is happening I would be looking for errors on your interfaces. Along with reviewing all logs in /var/log.
    The behavior seems to be that the untangle vm (I can access it using the kvm console, so I'm not accessing it via IP when it looses connectivity) no longer is able to get traffic from the internal network to the external one. From the host where the vm lives, I can no longer ping the untangle nic's. From the untangle, I can not ping anything (either the host or other systems). However, other guests on that same hosts are still up and work over the network. There are about 20-35 internal systems using the untangle gateway, and about 5 other guests running on the system. I looked both on /var/log on the untangle server, hosts, and dmesg. Nothing strange in there.



    Rebooting the untangle vm seems to solve the issue. I haven't had to reboot the host yet. (yes, I'm thinking about a reboot on cron at 3 am). At no time I loose the ability to access the kvm host on both interfaces. Also, I tried swapping virtual nic on the untangle host ( I even built the guests from 0 instead of swapping virtual nic cards) and this also happens with a intel+amd card combo.


    I use KVM guests also to access my office. I have an opensuse host, and virtual guests running my office "official" OS image and vpn software. I haven't had any issues and it is running on asus + amd x 4 cpu, nvidia chipset/nic (MCP77).

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2