Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

no network with qubes-vm-kernel-latest (5.16.18) #7397

Closed
b90g opened this issue Mar 31, 2022 · 17 comments
Closed

no network with qubes-vm-kernel-latest (5.16.18) #7397

b90g opened this issue Mar 31, 2022 · 17 comments
Assignees
@DemiMarie
Labels
C: kernel C: networking diagnosed Technical diagnosis has been performed (see issue comments). hardware support P: major Priority: major. Between "default" and "critical" in severity. r4.0-dom0-stable r4.1-dom0-stable r4.2-host-stable T: bug Type: bug report. A problem or defect resulting in unintended behavior in something that exists.
Milestone
Release 4.0 updates

Comments

@b90g
Copy link

b90g commented Mar 31, 2022
edited
Loading

How to file a helpful issue

Qubes OS release

4.1

5.16.18-1

Brief summary

sys-firewall isnt able to ping IPv4 addresses although sys-net connected to a network and reaches the same adress. (9.9.9.9)

sys-firewall is connected to sys-net

Steps to reproduce

install kernel-latest for qubes-vms (5.16.18)

Expected behavior

Having everything workin as it were in 5.16.15

Actual behavior

offline, no ICMP, no TCP, nothing. :(

switching the default kernel to an older version gets me connected, i tested on 2 different systems
@b90g b90g added P: default Priority: default. Default priority for new issues, to be replaced given sufficient information. T: bug Type: bug report. A problem or defect resulting in unintended behavior in something that exists. labels Mar 31, 2022
@DemiMarie DemiMarie self-assigned this Mar 31, 2022
@marmarek
Copy link
Member

Can you see if kernel in sys-net complains about anything. It may be some driver-specific issue, I cannot reproduce it on my system.

@andrewdavidwong andrewdavidwong added C: kernel C: networking hardware support needs diagnosis Requires technical diagnosis from developer. Replace with "diagnosed" or remove if otherwise closed. labels Mar 31, 2022
@andrewdavidwong andrewdavidwong added this to the Release 4.1 updates milestone Mar 31, 2022
@b90g
Copy link
Author

b90g commented Mar 31, 2022

I updated the Issue, it turned out sys-firewall isnt able to connect to anything when they run on 5.16.18.

its fedora-35 template.

should i paste dmesg or anything? i am not a developer, sorry :/

@marmarek
Copy link
Member

Yes, sudo dmesg from sys-net and sys-firewall. And also, from sys-firewall output of ip r, ip n and sudo ethtool -k eth0.

@pgerber
Copy link

pgerber commented Mar 31, 2022

Looks like qubes-iptables.service fails on that kernel:

Mar 31 18:35:57 debian-11 systemd[1]: Starting Qubes base firewall settings...
Mar 31 18:35:57 debian-11 qubes-iptables[973]: iptables: Applying firewall rules:
Mar 31 18:35:57 debian-11 qubes-iptables[978]: iptables-restore v1.8.7 (nf_tables):
Mar 31 18:35:57 debian-11 qubes-iptables[978]: line 13: RULE_APPEND failed (No such file or directory): rule in chain PREROUTING
Mar 31 18:35:57 debian-11 qubes-iptables[978]: line 13: RULE_APPEND failed (No such file or directory): rule in chain PREROUTING
Mar 31 18:35:57 debian-11 qubes-iptables[978]: line 13: RULE_APPEND failed (No such file or directory): rule in chain POSTROUTING
Mar 31 18:35:57 debian-11 qubes-iptables[978]: line 13: RULE_APPEND failed (No such file or directory): rule in chain POSTROUTING
Mar 31 18:35:57 debian-11 qubes-iptables[978]: line 13: RULE_APPEND failed (No such file or directory): rule in chain POSTROUTING
Mar 31 18:35:57 debian-11 qubes-iptables[973]: FAIL
Mar 31 18:35:57 debian-11 systemd[1]: qubes-iptables.service: Main process exited, code=exited, status=1/FAILURE
Mar 31 18:35:57 debian-11 systemd[1]: qubes-iptables.service: Failed with result 'exit-code'.
Mar 31 18:35:57 debian-11 systemd[1]: Failed to start Qubes base firewall settings.

Works fine again when I downgrade to the previous kernel.

@pgerber
Copy link

pgerber commented Mar 31, 2022 

$ ip n
$ ip r
default via 10.137.0.7 dev eth0 onlink 
10.137.0.7 dev eth0 scope host onlink

dmesg:
dmesg.txt

@crat0z
Copy link

crat0z commented Mar 31, 2022

Can confirm this is an issue. All VMs that start with 5.16.18-1 kernel will have broken iptables

@brendanhoar
Copy link

Confirmed in 4.0 as well.

@ghost
Copy link

ghost commented Mar 31, 2022

maybe debian issue? my fedora-35 minimal is fine.

@b90g
Copy link
Author

b90g commented Mar 31, 2022

maybe debian issue? my fedora-35 minimal is fine.

using fedora-35 (both disposable with vanilla config)

@andrewdavidwong andrewdavidwong added P: major Priority: major. Between "default" and "critical" in severity. and removed P: default Priority: default. Default priority for new issues, to be replaced given sufficient information. labels Apr 1, 2022
@Minimalist73 Minimalist73 mentioned this issue Apr 1, 2022
Closed
@ghost
Copy link

ghost commented Apr 1, 2022

it's work on my side

ss

@b90g b90g changed the title no network with qubes-vm-kernel-latest no network with qubes-vm-kernel-latest (5.16.18) Apr 1, 2022
@qubesos-bot
Copy link

Automated announcement from builder-github

The component linux-kernel-latest (including package kernel-latest-5.16.18-2.fc25.qubes) has been pushed to the r4.0 testing repository for dom0.
To test this update, please install it with the following command:

sudo qubes-dom0-update --enablerepo=qubes-dom0-current-testing

Changes included in this update

@qubesos-bot qubesos-bot mentioned this issue Apr 1, 2022
Closed
@qubesos-bot
Copy link

Automated announcement from builder-github

The component linux-kernel-latest (including package kernel-latest-5.16.18-2.fc32.qubes) has been pushed to the r4.1 testing repository for dom0.
To test this update, please install it with the following command:

sudo qubes-dom0-update --enablerepo=qubes-dom0-current-testing

Changes included in this update

@qubesos-bot qubesos-bot mentioned this issue Apr 1, 2022
Closed
@andrewdavidwong andrewdavidwong added diagnosed Technical diagnosis has been performed (see issue comments). and removed needs diagnosis Requires technical diagnosis from developer. Replace with "diagnosed" or remove if otherwise closed. labels Apr 2, 2022
@qubesos-bot
Copy link

Automated announcement from builder-github

The component linux-kernel-latest (including package kernel-latest-5.16.18-2.fc32.qubes) has been pushed to the r4.1 stable repository for dom0.
To install this update, please use the standard update command:

sudo qubes-dom0-update

Or update dom0 via Qubes Manager.

Changes included in this update

@qubesos-bot
Copy link

Automated announcement from builder-github

The component linux-kernel-latest (including package kernel-latest-5.16.18-2.fc25.qubes) has been pushed to the r4.0 stable repository for dom0.
To install this update, please use the standard update command:

sudo qubes-dom0-update

Or update dom0 via Qubes Manager.

Changes included in this update

@TheWanderer1983
Copy link

TheWanderer1983 commented Jan 23, 2023
edited
Loading

I can confirm this issue on custom debian-minimal qubes.
Same as author mentions. Downgrading to a lower kernel fixes the problem. Can't ping anything even own IP address. Templates can apt-get upgrade but all AppVMs fails with networking. Dom0 Can't update via console as trying to use disp-sys-firewall. disp-sys-net is only one with working internet but it too can't ping anything internal.
ip a, ip r, iptables, sysctl forwards all look good.
Disp-sys-net is the only one that requires downgrading.

@qubesos-bot
Copy link

Automated announcement from builder-github

The component linux-kernel (including package kernel-6.1.26-1.qubes.fc32) has been pushed to the r4.1 testing repository for dom0.
To test this update, please install it with the following command:

sudo qubes-dom0-update --enablerepo=qubes-dom0-current-testing

Changes included in this update

@qubesos-bot qubesos-bot mentioned this issue Apr 28, 2023
Closed
@qubesos-bot qubesos-bot mentioned this issue May 12, 2023
Closed
@qubesos-bot qubesos-bot mentioned this issue Jun 25, 2023
Closed
@qubesos-bot
Copy link

Automated announcement from builder-github

The component linux-kernel (including package kernel-6.1.35-1.qubes.fc32) has been pushed to the r4.1 stable repository for dom0.
To install this update, please use the standard update command:

sudo qubes-dom0-update

Or update dom0 via Qubes Manager.

Changes included in this update

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@DemiMarie DemiMarie

Labels
C: kernel C: networking diagnosed Technical diagnosis has been performed (see issue comments). hardware support P: major Priority: major. Between "default" and "critical" in severity. r4.0-dom0-stable r4.1-dom0-stable r4.2-host-stable T: bug Type: bug report. A problem or defect resulting in unintended behavior in something that exists.
Projects
None yet
Milestone
Release 4.0 updates
Development

No branches or pull requests
9 participants
@marmarek @DemiMarie @brendanhoar @andrewdavidwong @crat0z @pgerber @TheWanderer1983 @qubesos-bot @b90g