There appears to be a bug that UDP packet checksums aren't computed on the way from a host to a guest, which means the recipient just drops them. See https://bugs.launchpad.net/bugs/930962
By turning them off completely using ethtool, we work around the problem. Signed-off-by: Petr Pudlak <[email protected]> --- tools/ifup-os.in | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/tools/ifup-os.in b/tools/ifup-os.in index c1d9927..5c546e3 100644 --- a/tools/ifup-os.in +++ b/tools/ifup-os.in @@ -184,6 +184,18 @@ fi # parameters does not produce an error. ifconfig $INTERFACE 169.254.169.254 netmask $NETMASK up +# There is a known bug where UDP packets comming from a host to a XEN +# guest are missing checksums. There are several ways how to tackle the +# issue, for example fixing the checksums using iptables (requires a +# newer version): +# +# iptables -A POSTROUTING -t mangle -p udp --dport bootpc -j CHECKSUM \ +# --checksum-fill +# +# The easiest one currently seems to be to just turn checksumming off +# for this direction: +ethtool -K $INTERFACE tx off || true + # Configure the routing table # # Given that all TAP network interfaces in the instance communication -- 2.1.0.rc2.206.gedb03e5
