On 10/05/2010 03:44 PM, Jiri Denemark wrote:
21:31:09.298: error : virRunWithHook:857 : internal error '/usr/sbin/iptables --table mangle --insert POSTROUTING --out-interface virbr0 --protocol udp --destination-port 68 --jump CHECKSUM --checksum-fill' exited with non-zero status 2 and signal 0: iptables v1.4.7: unknown option `--checksum-fill' Try `iptables -h' or 'iptables --help' for more information. This is harmless and ignored by libvirt. If DHCP still works in your guests, you don't need worry about this feature. The warning below tries to suggest the error was ignored...
Correct. The reason for this is that the only way to determine whether or not iptables supports the new CHECKSUM target is to try the command and see if it fails. Since the CHECKSUM target is in upstream iptables, it will eventually be in all distro-specific versions, so the less-than-elegant warning was deemed sufficient. This particular rule is required to support guests that use the vhost-net module (ie kernel-based rather than userspace-based) for virtio network interfaces. Whether or not that will be needed depends on guest config, which can't be known at the time that the virtual networks are started, so we must always try to add it, then fail "semi-silently" (we continue, but first complain a little).
21:31:09.299: warning : networkAddIptablesRules:873 : Could not add rule to fixup DHCP response checksums on network 'default'. 21:31:09.299: warning : networkAddIptablesRules:874 : May need to update iptables package& kernel to support CHECKSUM rule. 21:31:09.301: error : virRunWithHook:857 : internal error '/usr/sbin/dnsmasq --strict-order --bind-interfaces --pid-file=/var/run/libvirt/network/default.pid --conf-file= --listen-address 10.117.9.1 --except-interface lo' exited with non-zero status 1 and signal 0: libvir: error : cannot execute binary /usr/sbin/dnsmasq: No such file or directory This is the really important error for you; /usr/sbin/dnsmasq could not be found.
That location comes from config.h, so it's determined at configure time. Apparently it found /usr/sbin/dnsmasq at configure time. Did you build on a different machine from where you're running (and maybe this new machine doesn't have dnsmasq installed? It should be in the prerequisites for your libvirt package to ensure that it's always installed when libvirt is installed).