[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] TCP Segment offloading + DF


I don't know if TCO is supported for XEN_NETDEV_FRONTED in kernel 3.1.6,
however I found an issue.

I had to track down an issue today:
Packet from a local machine didn't get routed to the internet.
After long searching I found the issue:

The TCP-Segmentation-offloading assembles fragments with Do Not Fragment set.
This introduces issues when the packet is to be rerouted trough a router.


 |->Bridge 1 - MTU 1500
 |    |-> PHY - eth0
 |    |-> VIF - Dom1
 |    \-> VIF - Dom2 (router)
 \->Bridge 2 - MTU 1500
      |-> PHY - eth1
      \-> VIF - Dom2 (router)

Dom 1 <-> VIF <--(bridge 1)--> VIF <-> dom2 <-> VIF <--(bridge 2)-->

Practical example:
Dom1 generate 2 packet to be routed to bridge 2 from bridge 1.
Packet 1: 1300 bytes DF (TCP)
Packet 2: 400 bytes DF (TCP)

The TCP-offloading throws them together and passes 1 packet: 1700 bytes DF 
Smart thing to do, reduces load etc.

Then it arrives at dom2, it looks at the packets, sees a 1700 byte packet, and 
sees the DF.
Dom2 would put it on the bridge 2 network, fragmented, but it's not allowed, so 
instead it drops the packet.

I'm not sure if it's "working as designed" or if this is an unfortunate side 

Feedback welcome,
(even "You are an idiot, of course it's  going to fail !" :) )
Killian De Volder

Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.