|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [win-pv-devel] Hi, a question about the checksum offload and WinDivert
On Tue, Nov 6, 2018 at 7:06 PM Paul Durrant <Paul.Durrant@xxxxxxxxxx> wrote: > > De-htmling... > > My responses indented: > > --- > From: win-pv-devel [mailto:win-pv-devel-bounces@xxxxxxxxxxxxxxxxxxxx] On > Behalf Of Haohao Lee > Sent: 06 November 2018 08:34 > To: win-pv-devel@xxxxxxxxxxxxxxxxxxxx > Subject: [win-pv-devel] Hi, a question about the checksum offload and > WinDivert > > Hi Xen folks, > > Background: > I am a Windows application developer. We developed an application which > modifies packets and rejects them back into the network stack to do some > network proxy transparently. > > We achieved this by using WinDivert (https://reqrypt.org/windivert.html) that > is a tool/driver allows user-mode applications to capture/modify/drop network > packets sent to/from the Windows network stack. > > Our app worked well on physical Windows machines but on Xen virtual machines > we encountered a problem. > > Problem: > - Everything works well before we start our app. > - Network traffic is blocked after the app is started, even a single SYN > packet couldn't be sent out. > > Workaround: > If we disable the checksum offload in Xen Net Driver, everything starts to > work again. > > > Hi Hao, > > > > Which checksum offload? Just TCP or IPv4 too? > > > The driver property does not mention IP or TCP, just checksum offload > > > (But our problem only occurs for TCP) > > > Here I have a screenshot > > > https://user-images.githubusercontent.com/238419/47770931-46b6ad80-dd1c-11e8-8010-42d05baf018b.png > > Testing Environment: > Xen Virtual Machine: Windows 7 Sp1 x64 with latest updates > Xen Net Driver: Driver version 3.0.144.590 xennet.sys version 2.3.0.144 > > I have a couple of questions: > 1. Is this a problem of WinDivert driver or Xen Net driver from your > perspective? > > > Since the stable (i.e. 8.x) drivers pass all logo tests (which have > > detailed checks of the semantics of checksum offload, LSO, etc.) the I'd > > say the problem lies in the application. One thing to try is disabling LRO > > though.. this is disabled for logo testing since the version of NDIS we use > > doesn't actually support it. (Moving to a newer NDIS is on the TODO list). > > > New findings, If I disable checksum offload, the average throughput goes > > > up from 600Mbit/s to 1Gbit/s as well. Therefore now I suspect there may > > > be something wrong with this option ON. > > 2. If this belongs to Xen Net driver, does the latest driver fix this? > 3. I found many articles on the Internet which teach people to disable > checksum offload (and other kinds of offload) for Xen virtual machines, e.g. > some tutorials from AWS. Why is this option ON by default if it shouldn't be, > or is there any introduction about the context why it is ON by default? I > know what TCP/IP checksum is, but in virtual machine context, I have no idea > if it is necessary or not. > > Any comment or suggestion is appreciated. > > > The answer is "it's complicated" :-) The default set of offloads is the set > > we use in Citrix branded versions of the drivers for XenServer and, whilst > > there used to be many issues with such offloads in the past (pre Xenserver > > 7.x), we have not had *any* reports from the field to suggest there are any > > current issues with checksum or large packet offloads in the 8.x drivers. > > > By the way, it seems I cannot install 8.x Xen Net Driver directly. The OS > > > keeps telling me my old driver is the best one. > > > > Cheers, > > > > Paul > > Thanks > > Hao _______________________________________________ win-pv-devel mailing list win-pv-devel@xxxxxxxxxxxxxxxxxxxx https://lists.xenproject.org/mailman/listinfo/win-pv-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |
