[Bug 909348] New: Can't create virtual NAT network - interface name `net_wlp16s0_00_1f_3b_59_61_3d' must be shorter than IFNAMSIZ
http://bugzilla.opensuse.org/show_bug.cgi?id=909348 Bug ID: 909348 Summary: Can't create virtual NAT network - interface name `net_wlp16s0_00_1f_3b_59_61_3d' must be shorter than IFNAMSIZ Classification: openSUSE Product: openSUSE Factory Version: 201412* Hardware: x86-64 OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: KVM Assignee: kvm-bugs@forge.provo.novell.com Reporter: attila.schler@atskler.net QA Contact: jdouglas@suse.com Found By: --- Blocker: --- Created attachment 616635 --> http://bugzilla.opensuse.org/attachment.cgi?id=616635&action=edit screenshot I would like to create a NAT Virtual Network with the Virtual Machine Manager tool but I get the following error: Error creating virtual network: internal error: Failed to apply firewall rules /usr/sbin/iptables --table filter --insert FORWARD --source 192.168.100.0/24 --in-interface virbr0 --out-interface net_wlp16s0_00_1f_3b_59_61_3d --jump ACCEPT: iptables v1.4.21: interface name `net_wlp16s0_00_1f_3b_59_61_3d' must be shorter than IFNAMSIZ (15) Try `iptables -h' or 'iptables --help' for more information. Traceback (most recent call last): File "/usr/share/virt-manager/virtManager/asyncjob.py", line 89, in cb_wrapper callback(asyncjob, *args, **kwargs) File "/usr/share/virt-manager/virtManager/createnet.py", line 758, in _async_net_create net.install() File "/usr/share/virt-manager/virtinst/network.py", line 261, in install net.create() File "/usr/lib64/python2.7/site-packages/libvirt.py", line 2836, in create if ret == -1: raise libvirtError ('virNetworkCreate() failed', net=self) libvirtError: internal error: Failed to apply firewall rules /usr/sbin/iptables --table filter --insert FORWARD --source 192.168.100.0/24 --in-interface virbr0 --out-interface net_wlp16s0_00_1f_3b_59_61_3d --jump ACCEPT: iptables v1.4.21: interface name `net_wlp16s0_00_1f_3b_59_61_3d' must be shorter than IFNAMSIZ (15) Try `iptables -h' or 'iptables --help' for more information. I attached a screenshot too. I can't find this strange interface name elsewhere in my system. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=909348
Bruce Rogers
http://bugzilla.opensuse.org/show_bug.cgi?id=909348
Charles Arnold
http://bugzilla.opensuse.org/show_bug.cgi?id=909348
--- Comment #2 from Attila Schler
I think this is a valid error. The interface name can't exceed 15 characters. This is a system limit as defined in net/if.h. Virt-manager is just reporting what came back from libvirt when it used the iptables call to set up a firewall rule for the interface.
But from where comes that long interface name? Why sees the Virtual Machine Manager that interface name? # ifconfig net_wlp16s0_00_1f_3b_59_61_3d net_wlp16s0_00_: error fetching interface information: Device not found # ifconfig wlp16s0 wlp16s0 Link encap:Ethernet HWaddr 00:1F:3B:59:61:3D inet addr:192.168.12.7 Bcast:192.168.12.255 Mask:255.255.255.0 inet6 addr: fe80::21f:3bff:fe59:613d/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:721012 errors:0 dropped:0 overruns:0 frame:0 TX packets:493504 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:989818675 (943.9 Mb) TX bytes:51008826 (48.6 Mb) -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=909348
--- Comment #3 from Charles Arnold
(In reply to Charles Arnold from comment #1)
I think this is a valid error. The interface name can't exceed 15 characters. This is a system limit as defined in net/if.h. Virt-manager is just reporting what came back from libvirt when it used the iptables call to set up a firewall rule for the interface.
But from where comes that long interface name? Why sees the Virtual Machine Manager that interface name?
# ifconfig net_wlp16s0_00_1f_3b_59_61_3d net_wlp16s0_00_: error fetching interface information: Device not found
# ifconfig wlp16s0 wlp16s0 Link encap:Ethernet HWaddr 00:1F:3B:59:61:3D inet addr:192.168.12.7 Bcast:192.168.12.255 Mask:255.255.255.0 inet6 addr: fe80::21f:3bff:fe59:613d/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:721012 errors:0 dropped:0 overruns:0 frame:0 TX packets:493504 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:989818675 (943.9 Mb) TX bytes:51008826 (48.6 Mb)
That is odd. Something has appended the MAC addr to the interface name. Could you also attach the file ~/.cache/virt-manager/virt-manager.log -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=909348
--- Comment #4 from Attila Schler
http://bugzilla.opensuse.org/show_bug.cgi?id=909348
Ulf Dettmer
http://bugzilla.opensuse.org/show_bug.cgi?id=909348
James Fehlig
These long names are acquired from libvirt. For example, 'virsh nodedev-list | grep net' will show the long names like 'net_wlp16s0_00_1f_3b_59_61_3d' that appear in the popdown list.
net_wlp16s0_00_1f_3b_59_61_3 is the nodedev name. Information about this nodedev can be obtained with nodedev-dumpxml, e.g. # virsh nodedev-dumpxml net_enp8s0f0_00_30_48_7a_e2_66 <device> <name>net_enp8s0f0_00_30_48_7a_e2_66</name> <path>/sys/devices/pci0000:00/0000:00:09.0/0000:08:00.0/net/enp8s0f0</path> <parent>pci_0000_08_00_0</parent> <capability type='net'> <interface>enp8s0f0</interface> <address>00:30:48:7a:e2:66</address> <link speed='1000' state='up'/> <capability type='80203'/> </capability> </device>
Virt-manager gathers them all up and puts them in the list allowing them to be selected.
Perhaps virt-manager should display the interface name associated with the nodedev.
Jim, Any thoughts on this? How are these long name interfaces supposed to be used?
IMO, virt-manager should not be using the nodedev name, but the actual interface associated with the nodedev. Cedric has done some work in libvirt's network code lately, so I'd like to hear his opinion. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=909348
Cédric Bosdonnat
(In reply to Charles Arnold from comment #5)
These long names are acquired from libvirt. For example, 'virsh nodedev-list | grep net' will show the long names like 'net_wlp16s0_00_1f_3b_59_61_3d' that appear in the popdown list.
net_wlp16s0_00_1f_3b_59_61_3 is the nodedev name. Information about this nodedev can be obtained with nodedev-dumpxml, e.g.
These IDs are libvirt internal ones, not something the kernel and network tools knows about.
Virt-manager gathers them all up and puts them in the list allowing them to be selected.
Perhaps virt-manager should display the interface name associated with the nodedev.
Indeed that would make much more sense for the user experience, but I guess we'll need to show something else for the other device types.
Jim, Any thoughts on this? How are these long name interfaces supposed to be used?
IMO, virt-manager should not be using the nodedev name, but the actual interface associated with the nodedev.
Cedric has done some work in libvirt's network code lately, so I'd like to hear his opinion.
I agree, the nodev is something only libvirt knows about. For other things, the device name should be fetched from the device XML. @Attila: Could you please run virt-manager with --debug flag so that we could see what XML fragment is used to create the network device? -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=909348
--- Comment #9 from Attila Schler
@Attila: Could you please run virt-manager with --debug flag so that we could see what XML fragment is used to create the network device?
Meanwhile I switched from Tumbleweed to 13.2 because I got more and more problems. (Lately the virtual networks completely stopped working while apparmor turned on.) In 13.2 I can choose only the “Any physical device” and there are no other devices. If it helps I can try to install Tumbleweed on a vm and I can see what happens there. And/or I can run the “virt-manager with –debug” on my current system. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=909348
Cédric Bosdonnat
@Attila: Could you please run virt-manager with --debug flag so that we could see what XML fragment is used to create the network device?
Don't worry, I didn't see that you already provided a log: The problem is here:
[Wed, 10 Dec 2014 23:51:44 virt-manager 11058] DEBUG (network:256) Creating virtual network 'for_bugzilla' with xml: <network> <name>for_bugzilla</name> <uuid>ac477956-4b42-4cda-915c-fc13c22fa5d4</uuid> <forward mode="nat" dev="net_wlp16s0_00_1f_3b_59_61_3d"/> <domain name="for_bugzilla"/> <ip address="192.168.133.1" netmask="255.255.255.0"> <dhcp> <range start="192.168.133.128" end="192.168.133.254"/> </dhcp> </ip> </network>
The dev value uses the libvirt internal id, rather than the device name. This looks like virt-manager not properly using the libvirt API. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=909348
--- Comment #11 from Charles Arnold
http://bugzilla.opensuse.org/show_bug.cgi?id=909348
Charles Arnold
http://bugzilla.opensuse.org/show_bug.cgi?id=909348
--- Comment #13 from Attila Schler
Fix available in the Virtualization/virt-manager repo.
First of all: I'm now on 13.2. I switched to this repo, and updated all installed packages: http://download.opensuse.org/repositories/Virtualization/openSUSE_13.2/ Now the interface names appears normally, but the virtual networks can't started (like beforehand on Tumbleweed), because: Error starting network 'default': internal error: Child process (VIR_BRIDGE_NAME=virbr0 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro --dhcp-script=/usr/lib64/libvirt/libvirt_leaseshelper) unexpected exit status 3: dnsmasq: cannot run lease-init script /usr/lib64/libvirt/libvirt_leaseshelper: No such file or directory Traceback (most recent call last): File "/usr/share/virt-manager/virtManager/asyncjob.py", line 89, in cb_wrapper callback(asyncjob, *args, **kwargs) File "/usr/share/virt-manager/virtManager/asyncjob.py", line 125, in tmpcb callback(*args, **kwargs) File "/usr/share/virt-manager/virtManager/network.py", line 104, in start self._backend.create() File "/usr/lib64/python2.7/site-packages/libvirt.py", line 2853, in create if ret == -1: raise libvirtError ('virNetworkCreate() failed', net=self) libvirtError: internal error: Child process (VIR_BRIDGE_NAME=virbr0 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro --dhcp-script=/usr/lib64/libvirt/libvirt_leaseshelper) unexpected exit status 3: dnsmasq: cannot run lease-init script /usr/lib64/libvirt/libvirt_leaseshelper: No such file or directory But the file exists: linux-vh0z:/usr/lib64/libvirt # dir total 1060 drwxr-xr-x 2 root root 236 Jan 16 23:49 connection-driver -rwxr-xr-x 1 root root 16155 Jan 16 15:08 libvirt-guests.sh -rwxr-xr-x 1 root root 285208 Jan 16 15:09 libvirt_iohelper -rwxr-xr-x 1 root root 301632 Jan 16 15:09 libvirt_leaseshelper -rwxr-xr-x 1 root root 281120 Jan 16 15:09 libvirt_parthelper drwxr-xr-x 2 root root 22 Jan 16 23:49 lock-driver -rwxr-xr-x 1 root root 193224 Jan 16 15:09 virt-aa-helper -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=909348
--- Comment #14 from Attila Schler
http://bugzilla.opensuse.org/show_bug.cgi?id=909348
--- Comment #15 from Charles Arnold
This new problem existed before the fix!
Check this page to see if it is applicable to your situation, http://wiki.libvirt.org/page/Libvirtd_and_dnsmasq I've noticed a few upstream bugs with dnsmasq / libvirt. What version of libvirt do you now have installed? -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=909348
--- Comment #16 from Attila Schler
(In reply to Attila Schler from comment #14)
This new problem existed before the fix!
Check this page to see if it is applicable to your situation,
http://wiki.libvirt.org/page/Libvirtd_and_dnsmasq
I've noticed a few upstream bugs with dnsmasq / libvirt. What version of libvirt do you now have installed?
I think there are permission kind of problems. If I stop the apparmor sevice (# service apparmor stop) I don't get the before-mentioned “dnsmasq: cannot run lease-init script” problem. But I get the following: Error starting network 'default': internal error: Failed to apply firewall rules /usr/sbin/iptables -w --table filter --insert INPUT --in-interface virbr0 --protocol tcp --destination-port 67 --jump ACCEPT: iptables v1.4.21: can't initialize iptables table `filter': Permission denied Perhaps iptables or your kernel needs to be upgraded. Traceback (most recent call last): File "/usr/share/virt-manager/virtManager/asyncjob.py", line 89, in cb_wrapper callback(asyncjob, *args, **kwargs) File "/usr/share/virt-manager/virtManager/asyncjob.py", line 125, in tmpcb callback(*args, **kwargs) File "/usr/share/virt-manager/virtManager/network.py", line 104, in start self._backend.create() File "/usr/lib64/python2.7/site-packages/libvirt.py", line 2853, in create if ret == -1: raise libvirtError ('virNetworkCreate() failed', net=self) libvirtError: internal error: Failed to apply firewall rules /usr/sbin/iptables -w --table filter --insert INPUT --in-interface virbr0 --protocol tcp --destination-port 67 --jump ACCEPT: iptables v1.4.21: can't initialize iptables table `filter': Permission denied Perhaps iptables or your kernel needs to be upgraded.
What version of libvirt do you now have installed? The libvirt (libvirt = 1.2.11-463.3) package not installed by default. The libvirt-daemon 1.2.11-463.3 and libvirt-client 1.2.11-463.3 installed.
-- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=909348
--- Comment #17 from Cédric Bosdonnat
(In reply to Charles Arnold from comment #15)
(In reply to Attila Schler from comment #14)
This new problem existed before the fix!
Check this page to see if it is applicable to your situation,
http://wiki.libvirt.org/page/Libvirtd_and_dnsmasq
I've noticed a few upstream bugs with dnsmasq / libvirt. What version of libvirt do you now have installed?
I think there are permission kind of problems.
I already had that problem and locally fixed it. I'll submit a patch for apparmor to fix the dnsmasq profile.
If I stop the apparmor sevice (# service apparmor stop) I don't get the before-mentioned “dnsmasq: cannot run lease-init script” problem. But I get the following:
Just do the following: * Edit /etc/apparmor.d/usr.sbin.dnsmasq and patch it this way: - /usr/lib/libvirt/libvirt_leaseshelper ix, + /bin/bash ix, + /usr/{lib,lib64}/libvirt/libvirt_leaseshelper ix, * Restart apparmor service * Restart libvirtd service, (that may not be needed) * Start the network, that should be fixed. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=909348
--- Comment #18 from Cédric Bosdonnat
http://bugzilla.opensuse.org/show_bug.cgi?id=909348
--- Comment #19 from Attila Schler
@Attila, BTW, the problem you mentioned is already reported as bug 911001, and should be fixed with up-to-date factory apparmor packages.
The fix for 13.2 will be submitted soon.
OK, thank you for your help. Now it seems everything works as intended. -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com