|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] Xen checksumming bug with IPsec ESP packets
I can test patches until the end of August. Cheers, -Jon Nivedita Singhvi wrote: Keir Fraser wrote:On 3 Aug 2005, at 17:27, Jonathan M. McCune wrote:We fixed this by removing the addition of flag NETIF_F_IP_CSUM in drivers/xen/netfront/netfront.c:create_netdev(). I believe this tells the kernel to just always do the checksum in software. Thus, the broken optimization for TCP/UDP packets gets bypassed.Permanent Solution: ??? That's why I posted this message... :-)I suspect the ESP code would need to be made aware of the csum_blank field, and fill in before forwarding. There are doubtless other paths that may need similar tweaks (e.g., NAT IP masquerading is untested I think, although there's a fair chance it'll just work).Apart from the above 'proper fix', simple not-so-hacky solutions include:* Run 'ethtool -K tx off' in each domU* Add an option to netback in domain0 to fill in checksums itself if not done by domU. * Allow netback to advertise to domUs whether it accepts non-checksummed packets, and have an option to set this advertisement when you start netback.Keir, Jonathan, I stuck the above in a bugzilla entry (#143) just for better tracking. Jonathan, would you be able to test patches? thanks, Nivedita _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |