Hi, i have trying to play with KVM on gentoo and stumbled upon a guest reseting incoming connection. (looks like qemu cheating the guest by sending fake tcp-reset). below i send typical ssh session: tcpdump: WARNING: eth0: no IPv4 address assigned tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 68 bytes 16:53:55.533949 IP Y.Y.79.34.59793 > X.X.79.231.22: S 41315573:41315573(0) win 5840 <mss 1460,[|tcp]> 16:53:55.534211 IP X.X.79.231.22 > Y.Y.79.34.59793: S 3726054219:3726054219(0) ack 41315574 win 5792 <mss 1460,[|tcp]> 16:53:55.536362 IP Y.Y.79.34.59793 > X.X.79.231.22: . ack 1 win 92 <nop,nop,timestamp[|tcp]> !---> 16:53:55.536514 IP X.X.79.231.22 > Y.Y.79.34.59793: R 3726054220:3726054220(0) win 0 ^C4 packets captured 4 packets received by filter 0 packets dropped by kernel tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on br0, link-type EN10MB (Ethernet), capture size 68 bytes 16:53:55.533949 IP Y.Y.79.34.59793 > X.X.79.231.22: S 41315573:41315573(0) win 5840 <mss 1460,[|tcp]> 16:53:55.534199 IP X.X.79.231.22 > Y.Y.79.34.59793: S 3726054219:3726054219(0) ack 41315574 win 5792 <mss 1460,[|tcp]> !---> 16:53:55.534228 IP Y.Y.79.34.59793 > X.X.79.231.22: R 41315574:41315574(0) win 0 16:53:55.536362 IP Y.Y.79.34.59793 > X.X.79.231.22: . ack 1 win 92 <nop,nop,timestamp[|tcp]> 16:53:55.536504 IP X.X.79.231.22 > Y.Y.79.34.59793: R 3726054220:3726054220(0) win 0 16:53:55.536530 IP Y.Y.79.34.59793 > X.X.79.231.22: R 4253651723:4253651723(0) ack 1 win 0 eth0 - host's hardware interface br0 - interface bridging eth0 and guests tap ~ # brctl show br0 bridge name bridge id STP enabled interfaces br0 8000.003048def1bc no eth0 tap_dev_ext afaics the only reqirement to trigger this behaviour is a *default* route set for the guest kernel, i.e. somthing like. ip route add 0/0 gw X.X.79.1 inside guest leads to fake reset, but ip route add Y.Y.79.34/32 gw X.X.79.1 works as expected. on the other side seems like outgoing tcp sessions aren't affected. I'm stuck. No ideia where it come from and how to debug :( any ideas? -- Best regards. Alexander Y. Fomichev <git.user@xxxxxxxxx> -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html