[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] UDP checksums broken in Dom0 -> DomU vif transfer
On Tue, 2011-12-20 at 09:43 +0000, Jean Guyader wrote: > On 20 December 2011 10:37, Ian Campbell <Ian.Campbell@xxxxxxxxxx> wrote: > > The issue is that dom0 does checksum offload which means the checksum is > > not valid on the domU end, although we know the packet is intact because > > it never hit the wire. > > > > The network stack deals with this because skb->ip_summed is set > > appropriately but when e.g. raw sockets are used it can ends up exposing > > getting exposed to userspace. > > > > We don't want to do the checksum by default since there are performance > > gains from avoiding it in the general case. Note that "tx off" turns of > > TCP and UDP checksum offload. > > > > It's not clear where the bug is here, it could be a bug in dhclinet for > > dropping the packet or perhaps this is something that raw socket driver > > should be correcting (based on ip_summed) as the packet passes through > > to userspace? > > > > I'm not sure but this might impact native hardware too -- depends on the > > H/W's handling of the checksum field on RX, you'd hope they mostly just > > leave it alone, but I'm not sure how e.g. LRO/GRO effects things? > > > > I've seen this issue in the past. I belive the bug is in dhclient. > dhclient checks the checksum on the packets and drop them if it's wrong. Indeed, googling around a bit shows that this dhclient bug affects more than just Xen, e.g. virtio and even some native hardware appear to be effected. http://marc.info/?l=kvm&m=121882968407525&w=2 https://qa.mandriva.com/show_bug.cgi?id=63320 https://bugs.mageia.org/show_bug.cgi?id=1243 http://pkgs.fedoraproject.org/gitweb/?p=dhcp.git;a=blob_plain;f=dhcp-4.2.2-xen-checksum.patch;hb=HEAD The OP didn't say what distro or version of dhclient he was using but I think the right place to report this would be to the distro since it appears to be using an out of date dhclient. In the meantime disabling offload seems like a reasonable local workaround but it is not a fix we should apply by default. Ian. _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel
|
![]() |
Lists.xenproject.org is hosted with RackSpace, monitoring our |