| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250605083209.73808675@hermes.local>
Date: Thu, 5 Jun 2025 08:32:09 -0700
From: Stephen Hemminger <stephen@...workplumber.org>
To: netdev@...r.kernel.org
Subject: Fw: [Bug 220195] New: [Issue] Linux Not Sending ARP to Cisco C8000v
Virtual Router (IOS XE 17.09.01a)
Not likely a kernel bug, but someone on list probably has more insight here.
Begin forwarded message:
Date: Thu, 05 Jun 2025 08:18:47 +0000
From: bugzilla-daemon@...nel.org
To: stephen@...workplumber.org
Subject: [Bug 220195] New: [Issue] Linux Not Sending ARP to Cisco C8000v Virtual Router (IOS XE 17.09.01a)
https://bugzilla.kernel.org/show_bug.cgi?id=220195
Bug ID: 220195
Summary: [Issue] Linux Not Sending ARP to Cisco C8000v Virtual
Router (IOS XE 17.09.01a)
Product: Networking
Version: 2.5
Hardware: All
OS: Linux
Status: NEW
Severity: normal
Priority: P3
Component: IPV4
Assignee: stephen@...workplumber.org
Reporter: rvhdrywesy48@...il.com
Regression: No
We are connecting the linux to a virtual router
c8000be-universalk9.17.09.01a.SPA.bin download from ,but quite strange no arp
sent
Hello everyone,
We’re currently testing the connectivity between a Linux host and a virtual
Cisco router using the image:
c8000be-universalk9.17.09.01a.SPA.bin
Downloaded
from:https://www.ioshub.net/c8000be-universalk9-17-09-01a-spa-bin-cisco-catalyst-8000v-edge-platform-ios-xe-amsterdam-17-09-01a-software-download-link/
Setup Overview:
• Linux Host: Ubuntu 22.04 (Kernel 5.15.x)
• Virtual Router: Cisco Catalyst 8000v (C8000v) running IOS XE
Amsterdam 17.09.01a
• Connection: Linux <–> vNIC <–> Cisco 8000v
• Virtualization: KVM/QEMU
Problem:
Despite the interfaces being up on both the Linux side (ip link shows UP) and
the C8000v router (GigabitEthernet interface shows up/up), no ARP request is
being sent from the Linux host when trying to ping the virtual router.
We’ve confirmed the following:
• Static IPs configured on both ends
• Interface eth0 is up and has no MAC address conflict
• No firewall (ufw disabled, iptables -F)
• tcpdump on Linux shows no ARP at all — not even when doing a
manual ping
• C8000v side shows no ARP entries either
What we suspect / tried:
• Verified vNIC model is virtio-net-pci, tried switching to e1000
— same behavior
• Recompiled kernel with CONFIG_ARP=y, just in case — no change
• Changed C8000v interface to bridge and virtio modes — issue
persists
• Added a static ARP entry on Linux — ping still doesn’t work
What’s strange:
• On other routers (e.g., open-source or FRRouting), Linux sends
ARP normally under identical QEMU network configuration
• On Wireshark, it’s like Linux decides not to even try sending
ARP to the C8000v MAC/IP
⸻
Question:
Is there a known kernel-level quirk where Linux might suppress ARP probing to a
VM MAC/interface type it “distrusts” or doesn’t recognize as reachable?
Any suggestions on forcing or debugging ARP emission on Linux (e.g.,
netlink-level tracing or ARP stack debug)?
--
You may reply to this email to add a comment.
You are receiving this mail because:
You are the assignee for the bug.
Powered by blists - more mailing lists