tech-net archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Deferring IP checksum for xennet(4)/xvif(4)



On Wed 18 Mar 2020 at 09:45:01 +0100, Manuel Bouyer wrote:
> Hi,
> thanks for looking at this.
> 
> On Tue, Mar 17, 2020 at 10:35:36PM +0100, Jaromír Dole?ek wrote:
> > [...]
> > There are at least two problems with this:
> > 1. If destination interface has no hw offloading, it will anyway send
> > the packet without checksum. I think this is actually OK, it's
> > responsibility of the admin to only enable the Tx/Rx for xennet if hw
> > device is hw offload capable.
> 
> I don't think it's OK: most linux distros turns on HW checkums by default.
> If you boot from an install media, you may not have the tools to
> disable it available (I'm not even sure if you can get a shell from
> here). We need to handle this case in bridge.

Indeed. Qemu also tries to defer checksum calculation until a packet
hits a real hardware NIC. Traffic between VMs on the same host therefore
has incorrect checksums, on the theory that the receiver doesn't care
(or has checksum offloading enabled in its virtual interface). There are
network topologies where the result is that there is some intermediate
party which *does* care about checksums, but they are incorrect at that
point. At $DAYJOB we came across this, and it is a pain in the neck. To
get around it we need to somehow insert custom config into VMs we have
no control over (i.e. customer VMs). Please avoid this kind of lossage.

-Olaf.
-- 
Olaf 'Rhialto' Seibert -- rhialto at falu dot nl
___  Anyone who is capable of getting themselves made President should on
\X/  no account be allowed to do the job.       --Douglas Adams, "THGTTG"

Attachment: signature.asc
Description: PGP signature



Home | Main Index | Thread Index | Old Index