Hello, Since updating to latest Whonix 15/Qubes R4.1, I am having issues with sys-whonix not bringing up the virtual interfaces for downstream VMs correctly. I could find nothing conclusive in the bug tracker but am hesitant to raise it on qubes-issue in case it only affects me.
The symptoms are as follows: * AppVMs connected to sys-whonix do not get networking * There is an incorrect nameserver specified in the AppVM /etc/resolv.conf (the IP does not match the IP of sys-whonix) * There are no vif* interfaces in sys-whonix, or they are down and have no IP address * There are errors in the logs of sys-whonix like: Mar 18 14:56:20 host root[20716]: /etc/xen/scripts/vif-route-qubes: Writing backend/vif/17/0/hotplug-error /etc/xen/scripts/vif-route-qubes failed; error detected. backend/vif/17/0/hotplug-status error to xenstore. Mar 18 14:56:20 host root[20718]: /etc/xen/scripts/vif-route-qubes: /etc/xen/scripts/vif-route-qubes failed; error detected. Workaround is to add the routing information back in sys-whonix (the vif* interface was there already, just not properly setup): `` ip link set vif<NUM> up ip addr add <IP-OF-SYS-WHONIX>/32 dev vif<NUM> ip route add <IP-OF-APPVM> dev vif<NUM> metric 32744 `` This will fix the routing table so the prerouting nat rules work. I am not entirely sure how to proceed with diagnosing the issue further. Versions are posted below. Kind regards, Vladimir Version of qubes* packages in whonix-gw-15: libqubes-rpc-filecopy2 4.1.13+deb10u1 libqubesdb 4.1.10-1+deb10u1 libvchan-xen 4.1.7-1+deb10u1 python3-qubesdb 4.1.10-1+deb10u1 qubes-core-agent 4.1.24-1+deb10u1 qubes-core-agent-dom0-updates 4.1.24-1+deb10u1 qubes-core-agent-nautilus 4.1.24-1+deb10u1 qubes-core-agent-networking 4.1.24-1+deb10u1 qubes-core-agent-passwordless-root 4.1.24-1+deb10u1 qubes-core-agent-thunar 4.1.24-1+deb10u1 qubes-core-qrexec 4.1.13-1+deb10u1 qubes-gui-agent 4.1.16-1+deb10u1 qubes-input-proxy-sender 1.0.23-1+deb10u1 qubes-kernel-vm-support 4.1.13+deb10u1 qubes-mgmt-salt-vm-connector 4.1.9-1+deb10u1 qubes-usb-proxy 1.0.29+deb10u1 qubes-utils 4.1.13+deb10u1 qubes-vm-dependencies 4.1.11-1+deb10u1 qubes-whonix 1:15.2-1 qubes-whonix-gateway 3:20.2-1 qubes-whonix-gateway-packages-recommended 1:15.2-1 qubes-whonix-shared-packages-recommended 1:15.2-1 qubesdb 4.1.10-1+deb10u1 qubesdb-vm 4.1.10-1+deb10u1 In the AppVM which is fedora-based: python3-dnf-plugins-qubes-hooks-4.1.24-1.fc32.x86_64 python3-qubesdb-4.1.10-1.fc32.x86_64 python3-qubesimgconverter-4.1.13-1.fc32.x86_64 qubes-core-agent-4.1.24-1.fc32.x86_64 qubes-core-agent-dom0-updates-4.1.24-1.fc32.x86_64 qubes-core-agent-nautilus-4.1.24-1.fc32.x86_64 qubes-core-agent-network-manager-4.1.24-1.fc32.x86_64 qubes-core-agent-networking-4.1.24-1.fc32.x86_64 qubes-core-agent-passwordless-root-4.1.24-1.fc32.x86_64 qubes-core-agent-systemd-4.1.24-1.fc32.x86_64 qubes-core-qrexec-4.1.13-1.fc32.x86_64 qubes-core-qrexec-libs-4.1.13-1.fc32.x86_64 qubes-core-qrexec-vm-4.1.13-1.fc32.x86_64 qubes-db-4.1.10-1.fc32.x86_64 qubes-db-libs-4.1.10-1.fc32.x86_64 qubes-db-vm-4.1.10-1.fc32.x86_64 qubes-gpg-split-2.0.50-1.fc32.x86_64 qubes-gui-agent-4.1.16-1.fc32.x86_64 qubes-img-converter-1.2.9-1.fc32.x86_64 qubes-input-proxy-sender-1.0.23-1.fc32.x86_64 qubes-kernel-vm-support-4.1.13-1.fc32.x86_64 qubes-libvchan-xen-4.1.7-1.fc32.x86_64 qubes-menus-4.1.6-1.fc32.noarch qubes-mgmt-salt-vm-connector-4.1.9-1.fc32.noarch qubes-pdf-converter-2.1.11-1.fc32.x86_64 qubes-usb-proxy-1.0.29-1.fc32.noarch qubes-utils-4.1.13-1.fc32.x86_64 qubes-utils-libs-4.1.13-1.fc32.x86_64 qubes-vm-dependencies-4.1.11-1.fc32.noarch qubes-vm-recommended-4.1.11-1.fc32.noarch -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/1ace8b24-c18b-f106-a545-0523062906cd%40vladimir.lu.
