On 07/15/15 00:44, Kristof Provost wrote:
>> On 14 Jul 2015, at 21:23, Mark Felder <f...@freebsd.org> wrote:
>> On Tue, Jul 14, 2015, at 13:54, Colin Percival wrote:
>>> More precisely *pf* is a known issue.  It's inserting TCP checksums
>>> into TSO packets.  I reported this a long time ago and I don't know
>>> why pf still hasn't been fixed.
>> I think Kristof may have solved this in HEAD with all of the care and
>> feeding he has been doing to pf, but I haven't verified.
> I wouldn’t expect so. As far as I know I’ve not fixed anything TSO or
> checksum related.

In my tests, deleting these lines from pf_ioctl.c

3570    /* We need a proper CSUM befor we start (s. OpenBSD ip_output) */
3571    if ((*m)->m_pkthdr.csum_flags & CSUM_DELAY_DATA) {
3572            in_delayed_cksum(*m);
3573            (*m)->m_pkthdr.csum_flags &= ~CSUM_DELAY_DATA;
3574    }

unbreaks pf+TSO on EC2 instances.  I'm not entirely sure why these lines
are there in the first place, which is why I didn't want to simply go in
and remove them -- but it may be that wrapping those lines in something
like "if ((csum_flags & CSUM_TSO) == 0)" would solve the problem without
breaking anything else.

Colin Percival
Security Officer Emeritus, FreeBSD | The power to serve
Founder, Tarsnap | www.tarsnap.com | Online backups for the truly paranoid
freebsd-xen@freebsd.org mailing list
To unsubscribe, send any mail to "freebsd-xen-unsubscr...@freebsd.org"

Reply via email to