|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] Xen checksumming bug with IPsec ESP packets
On 3 Aug 2005, at 17:27, Jonathan M. McCune wrote: We fixed this by removing the addition of flag NETIF_F_IP_CSUM in drivers/xen/netfront/netfront.c:create_netdev(). I believe this tells the kernel to just always do the checksum in software. Thus, the broken optimization for TCP/UDP packets gets bypassed.Permanent Solution: ??? That's why I posted this message... :-) I suspect the ESP code would need to be made aware of the csum_blank field, and fill in before forwarding. There are doubtless other paths that may need similar tweaks (e.g., NAT IP masquerading is untested I think, although there's a fair chance it'll just work). Apart from the above 'proper fix', simple not-so-hacky solutions include: * Run 'ethtool -K tx off' in each domU* Add an option to netback in domain0 to fill in checksums itself if not done by domU. * Allow netback to advertise to domUs whether it accepts non-checksummed packets, and have an option to set this advertisement when you start netback. -- Keir _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |