XCP-ng
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Xen Orchestra netbox sync error

    Scheduled Pinned Locked Moved Advanced features
    19 Posts 6 Posters 1.6k Views 5 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • pdoniasP Offline
      pdonias Vates 🪐 XO Team @jpasher-work
      last edited by

      @jpasher-work Thanks, I'm adding that too!

      @sb2014 I may have found the issue. If you want to test it, you can build the branch pierre-fix-addresses.

      S 1 Reply Last reply Reply Quote 1
      • S Offline
        sb2014 @pdonias
        last edited by

        @pdonias
        Thank you.
        Now everything seems to work.

        1 Reply Last reply Reply Quote 2
        • yannY Offline
          yann Vates 🪐 XCP-ng Team @sb2014
          last edited by

          @sb2014 this address reporting looks buggy, can you please share some guest information (OS type and version, guest agent version reported by XO)?

          S 1 Reply Last reply Reply Quote 1
          • S Offline
            sb2014 @yann
            last edited by

            @yann

            Here are the infomations.
            Guest OS:
            Management agent version: 6.2.0-76888
            OS name: FreeBSD 13.2-RELEASE-p2 (OpnSense 23.7.1_3)
            OS kernel: 13.2-RELEASE-p2

            Is it possible that the reporting of IPv6 addresses works only sometimes or not at all?
            Also under other operating systems, like Windows Server, Debian and AlmaLinux.

            yannY 1 Reply Last reply Reply Quote 0
            • yannY Offline
              yann Vates 🪐 XCP-ng Team @sb2014
              last edited by

              @sb2014 The status of the guest tools on FreeBSD is really bad at the moment, and they finally marked this port as unmaintained 2 weeks ago.
              Looks like such a result could only result in ifconfig output changing; it would be useful to get a look at what your ifconfig output looks like, and likely update /usr/local/sbin/xe-update-guest-attrs and propose a patch to the BSD ports maintainers.

              For a better solution, I'll try to allocate more time to xen-guest-agent to get it fully working in FreeBSD soon.

              S 1 Reply Last reply Reply Quote 0
              • S Offline
                sb2014 @yann
                last edited by

                @yann

                Here is the output from ifconfig.
                I replaced the public IPs with:
                192.168.178.0/24
                fe00::/112

                enc0: flags=0<> metric 0 mtu 1536
	groups: enc
	nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
	options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
	inet6 ::1 prefixlen 128
	inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2
	inet 127.0.0.1 netmask 0xff000000
	groups: lo
	nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
pflog0: flags=20100<PROMISC,PPROMISC> metric 0 mtu 33160
	groups: pflog
pfsync0: flags=41<UP,RUNNING> metric 0 mtu 1500
	pfsync: syncdev: xn2 syncpeer: 10.0.255.2 maxupd: 128 defer: off
	syncok: 1
	groups: pfsync
xn0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
	description: WAN (wan)
	ether 32:92:38:a6:82:37
	inet 192.168.178.3 netmask 0xfffffff0 broadcast 192.168.178.255
	inet 192.168.178.2 netmask 0xfffffff0 broadcast 192.168.178.255 vhid 3
	inet 192.168.178.4 netmask 0xfffffff0 broadcast 192.168.178.255
	inet 192.168.178.5 netmask 0xfffffff0 broadcast 192.168.178.255
	inet 192.168.178.6 netmask 0xfffffff0 broadcast 192.168.178.255
	inet 192.168.178.7 netmask 0xfffffff0 broadcast 192.168.178.255
	inet 192.168.178.8 netmask 0xfffffff0 broadcast 192.168.178.255
	inet 192.168.178.9 netmask 0xfffffff0 broadcast 192.168.178.255
	inet6 fe00::3 prefixlen 64
	inet6 fe80::30da:86ff:fea6:e181%xn0 prefixlen 64 scopeid 0x5
	inet6 fe00::2 prefixlen 64 vhid 4
	carp: MASTER vhid 3 advbase 1 advskew 100
	carp: MASTER vhid 4 advbase 1 advskew 100
	media: Ethernet manual
	status: active
	nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
xn1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
	description: LAN (lan)
	ether 43:86:34:67:34:75
	inet 10.0.0.2 netmask 0xffffff00 broadcast 10.0.0.255
	inet 10.0.0.1 netmask 0xffffff00 broadcast 10.0.0.255 vhid 1
	inet 10.0.3.1 netmask 0xffffff00 broadcast 10.0.3.255
	inet6 fd00::2 prefixlen 112
	inet6 fe80::c45c:dbff:feb5:62b9%xn1 prefixlen 64 scopeid 0x6
	inet6 fd00::1 prefixlen 112 vhid 2
	inet6 fd00::3:1 prefixlen 112
	carp: MASTER vhid 1 advbase 1 advskew 100
	carp: MASTER vhid 2 advbase 1 advskew 100
	media: Ethernet manual
	status: active
	nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
xn2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	description: pfsync (opt1)
	ether 32:90:32:43:21:89
	inet 10.0.255.1 netmask 0xffffff00 broadcast 10.0.255.255
	inet6 fd00::ffff:1 prefixlen 112
	inet6 fe80::6809:c1ff:fe14:b82d%xn2 prefixlen 64 scopeid 0x7
	media: Ethernet manual
	status: active
	nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
wg1: flags=80c1<UP,RUNNING,NOARP,MULTICAST> metric 0 mtu 1420
	options=80000<LINKSTATE>
	inet6 fd00::1:1 prefixlen 112
	inet 10.0.1.1 netmask 0xffffff00
	groups: wg wireguard
	nd6 options=101<PERFORMNUD,NO_DAD>
wg2: flags=80c1<UP,RUNNING,NOARP,MULTICAST> metric 0 mtu 1420
	options=80000<LINKSTATE>
	inet6 fd00::2:1 prefixlen 112
	inet 10.0.2.1 netmask 0xffffff00
	groups: wg wireguard
	nd6 options=101<PERFORMNUD,NO_DAD>
                yannY 1 Reply Last reply Reply Quote 0
                • yannY Offline
                  yann Vates 🪐 XCP-ng Team @sb2014
                  last edited by yann

                  @sb2014 OK no fundamental change here.

                  Looking at this old agent code, though, I note that the IPs are all written space-separated in a single write to attr/eth0/ip, which is a place I've never heard about (the standard xenstore structure is documented here.

                  Still, this xenstore key is documented as "old style" in the XAPI code. We can easily check that writing just 2 IP space-separated addresses to this xenstore key had this exact behaviour:

                  host# xenstore ls /local/domain/443/attr
eth0 = ""
 ip = "1.2.3.1 1.2.3.2"
PVAddons = ""
 MajorVersion = "6"
 MinorVersion = "2"
 MicroVersion = "0"
 BuildVersion = "76888"
 Installed = "1"

                  XO then displays 3 entries, the first 2 ones being the individual IPs from the string, and the last one being the full unparsed string. This looks like a bug in XAPI, where the old way of publishing IPs is likely not that well tested.

                  EDIT Reported upstream - it looks like this old protocol simply did not support multiple IPs, and the old guest-agent is just buggy, it should have protected against multiple IPs and only reported one.

                  yannY 1 Reply Last reply Reply Quote 0
                  • yannY Offline
                    yann Vates 🪐 XCP-ng Team @yann
                    last edited by

                    @pdonias looks like the problem occurs because there are 2 kinds of data in the guest metrics: the "old style" which was never meant for multiple IPs but can be (and apparently has been) used for that, and OTOH the "new style" which XAPI created without checking it puts a valid value there.

                    Would it be that XO was parsing both, splitting 0/ip?
                    It would look like in the presence of both styles, given the existence of this issue, it would be sufficient to just ignore the "new style" one?

                    pdoniasP 1 Reply Last reply Reply Quote 0
                    • pdoniasP Offline
                      pdonias Vates 🪐 XO Team @yann
                      last edited by

                      @yann Yes, XO does parse it to flatten x/ip into multiple x/ipv4/x. The issue was that we assumed that only x/ip fields could have multiple space-separated IPs so we weren't flattening x/ipv4/x fields.
                      So when we got something like this from XAPI:

                      {
  '0/ip': '1.1.1.1 2.2.2.2',
  '0/ipv4/0': '1.1.1.1 2.2.2.2'
}

                      it used to be transformed into this:

                      {
  '0/ipv4/0': '1.1.1.1',
  '0/ipv4/1': '2.2.2.2',
  '0/ipv4/2': '1.1.1.1 2.2.2.2'
}

                      which is pretty much what @sb2014 was getting here.
                      And now we made a change to also flatten x/ipv4/x fields (with deduplication, etc.) so now it would be transformed into:

                      {
  '0/ipv4/0': '1.1.1.1',
  '0/ipv4/1': '2.2.2.2'
}

                      So if XAPI isn't supposed to return space-delimited IPs in x/ipv4/x fields, better make sure it's fixed upstream, but from XO's point of view, we're supporting it anyway, now 🙂

                      yannY 1 Reply Last reply Reply Quote 0
                      • yannY Offline
                        yann Vates 🪐 XCP-ng Team @pdonias
                        last edited by

                        @pdonias said in Xen Orchestra netbox sync error:

                        So if XAPI isn't supposed to return space-delimited IPs in x/ipv4/x fields, better make sure it's fixed upstream, but from XO's point of view, we're supporting it anyway, now 🙂

                        Yes I'd think XAPI should not blindly forwarding information from guest without a minimum of sanitation.

                        1 Reply Last reply Reply Quote 0
                        • olivierlambertO olivierlambert moved this topic from Something else on
                        • First post
                          Last post