On 07/15/15 00:44, Kristof Provost wrote: >> On 14 Jul 2015, at 21:23, Mark Felder <f...@freebsd.org> wrote: >> On Tue, Jul 14, 2015, at 13:54, Colin Percival wrote: >>> More precisely *pf* is a known issue. It's inserting TCP checksums >>> into TSO packets. I reported this a long time ago and I don't know >>> why pf still hasn't been fixed. >> >> I think Kristof may have solved this in HEAD with all of the care and >> feeding he has been doing to pf, but I haven't verified. > > I wouldn’t expect so. As far as I know I’ve not fixed anything TSO or > checksum related.
In my tests, deleting these lines from pf_ioctl.c 3570 /* We need a proper CSUM befor we start (s. OpenBSD ip_output) */ 3571 if ((*m)->m_pkthdr.csum_flags & CSUM_DELAY_DATA) { 3572 in_delayed_cksum(*m); 3573 (*m)->m_pkthdr.csum_flags &= ~CSUM_DELAY_DATA; 3574 } unbreaks pf+TSO on EC2 instances. I'm not entirely sure why these lines are there in the first place, which is why I didn't want to simply go in and remove them -- but it may be that wrapping those lines in something like "if ((csum_flags & CSUM_TSO) == 0)" would solve the problem without breaking anything else. -- Colin Percival Security Officer Emeritus, FreeBSD | The power to serve Founder, Tarsnap | www.tarsnap.com | Online backups for the truly paranoid _______________________________________________ freebsd-xen@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-xen To unsubscribe, send any mail to "freebsd-xen-unsubscr...@freebsd.org"