Hi list,
Is there a way to turn off hardware calculation of the TCP checksum?
I have a setup with the following network connections
Machine 1 - Firewall, eth0 on the internal network, eth1 connected to
the ADSL modem, ppp+ connected to the internet via PPPoE on eth1
Machine 2 - Server, eth0 is connected to the internal network.
There is just one catch. Neither machines truly exist. They are both
DomU machines inside a Xen-3 machine, which has a dom-0 which looks like
this:
Dom0 - eth0 on the internal network, eth1 connected to the ADSL modem.
All network cards are bridged.
Now here's the problem. Any machine on the internal network manages to
connect to the internet without a problem. Likewise, Machine 1 manages
to connect without a problem. Dom0 and Machine 2, however, can't
connect. When I check with a sniffer I can see that they issue TCP
packets with bad checksums.
My theory is that Dom0 and Machine 2 both assume that eth0 (which is the
NIC through which they get to Machine 1, which is the default gateway)
will do their TCP checksum for them. Unfortunately, as the packet is
only ever redirected to ppp to get out, it never goes through the
hardware card, and the TCP never gets a chance to get calculated.
As further enforcement to this theory, a Windows machine running inside
Xen does manage to connect to the internet without a problem. The
difference, I think, being that unlike Machine 1 and 2 (which are
para-virtualized), the Windows machine see a 100% emulated network card,
and therefor does not assume that it will do its TCP dirty work for it.
As a side note, direct communication between the virtual machines also
produces bad TCP checksums (according to tcpdump and ethereal), but the
communication goes through none the less.
I want to test this theory by turning hardware TCP checksum calculation
off. I've just downloaded the kernel sources trying to figure out how to
do it, but if anyone happens to know the answer, that would be great.
Shachar
--
Shachar Shemesh
Lingnu Open Source Consulting ltd.
Have you backed up today's work? http://www.lingnu.com/backup.html
=================================================================
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]
