问题
I'm setting up KVM automation via ansible and I have one VM which keeps giving me this error:
libvirtError: XML error: expected unicast mac address, found multicast '53:54:00:b4:ad:81'
I don't believe this is an ansible problem, as several other VMs work just fine. I've tried a different host, even changing the MAC used to one that has worked before as well as one that has never been used. Best I can tell this is NOT a multicast mac address, I'm not sure what the problem is or where to look next. Any suggestions would be appreciated.
This is the XML I'm using to build the VM - Based on the same template that's building all my other VM's (except for the MAC address, name, etc.).
<domain type='kvm'>
<name>te01</name>
<cpu mode='host-passthrough'>
<topology sockets='1' cores='1' threads='1'/>
</cpu>
<memory unit='GiB'>8</memory>
<os>
<type arch='x86_64'>hvm</type>
<boot dev='hd'/>
</os>
<features>
<acpi/>
<apic/>
</features>
<clock offset='utc'>
<timer name='rtc' tickpolicy='catchup'/>
<timer name='pit' tickpolicy='delay'/>
<timer name='hpet' present='no'/>
</clock>
<on_poweroff>destroy</on_poweroff>
<on_reboot>restart</on_reboot>
<on_crash>restart</on_crash>
<pm>
<suspend-to-mem enabled='no'/>
<suspend-to-disk enabled='no'/>
</pm>
<devices>
<emulator>/usr/bin/kvm-spice</emulator>
<disk type='file' device='disk'>
<driver name='qemu' type='qcow2' cache='writeback' discard='ignore' io='threads'/>
<source file='/images/te01.qcow2'/>
<target dev='vda' bus='virtio'/>
</disk>
<interface type='bridge'>
<source bridge='br0'/>
<mac address='53:54:00:b4:ad:81'/>
<guest dev='ens3'/>
</interface>
<interface type='bridge'>
<source bridge='br502'/>
<guest dev='ens5'/>
</interface>
<serial type='pty'>
<source path='/dev/pts/1'/>
<target type='isa-serial' port='0'/>
<alias name='serial0'/>
</serial>
<console type='pty' tty='/dev/pts/1'>
<source path='/dev/pts/1'/>
<target type='serial' port='0'/>
<alias name='serial0'/>
</console>
<graphics type='vnc' autoport='yes'>
<listen type='address' address='0.0.0.0'/>
</graphics>
</devices>
</domain>
回答1:
Best I can tell this is NOT a multicast mac address...
But it really is a multicast address, although not in the sense of an IPv4 multicast to MAC multicast (01-00-5E-00-00-00 through 01-00-5E-7F-FF-FF), IPv6 multicast to MAC multicast (33-33-00-00-00-00 through 33-33-FF-FF-FF-FF), or any of the predefined IEEE multicast addresses, e.g. STP, LLDP, etc..
There are two flags in the most-significant byte of a MAC address. The least-significant bit of the most-significant byte is the I/G (Individual/Group) flag. Setting this bit means that the address is used as a destination address to a group. The second least-significant bit of the most-significant byte is the U/L (Universal/Local) flag. Setting this bit means that the MAC address was locally created; BIAs (Burned-in-Addresses) have the U/L bit clear.
Any MAC address with the I/G bit set is a multicast address, with a special case for the broadcast MAC address (ff-ff-ff-ff-ff-ff). That means that any odd number in the most-significant byte of the MAC address is a multicast address.
Multicast addresses can only be destination addresses, not an address assigned to an interface.
Your MAC address, 53:54:00:b4:ad:81, has both the I/G bit set, meaning that it is a multicast (destination group) address, and the U/L bit set, meaning that it is a locally defined MAC address.
The most-significant byte is 0x53 (01010011), so both flags are set.
0 1 0 1 0 0 1 1
^ ^
| |
U/L I/G
Any MAC addresses you create, exclusive of any OUI you own, are supposed to have the U/L bit set to show that you have created them, and that they will not step on an OUI owned by a different company (unfortunately, a lot of people that make up their own MAC addresses do not do this, but there really isn't any way to enforce it). Interface addresses must have the I/G bit clear to prevent them from being multicast (group destination) addresses.
People often ask why the flags are the two least-significant bits of the most-significant byte. That is because of the order bits, bytes, and frame fields are sent on ethernet. The least-significant bit of a byte is sent first, the most-significant byte of a frame is sent first, and the first field of a frame is the destination address. Also, remember that ethernet was originally on a shared medium (the way Wi-Fi is now), so all hosts on the LAN saw all frames. The first bit received at a host tells a host seeing the frame if the destination address is an individual or group address.
来源:https://stackoverflow.com/questions/58808705/libvirterror-xml-error-expected-unicast-mac-address-found-multicast