From nobody Tue Apr 12 19:40:32 2022
X-Original-To: freebsd-stable@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 89FCD1AF7D56
	for <freebsd-stable@mlmmj.nyi.freebsd.org>; Tue, 12 Apr 2022 19:40:40 +0000 (UTC)
	(envelope-from spork@bway.net)
Received: from smtp1.bway.net (smtp1.bway.net [216.220.96.27])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(Client did not present a certificate)
	by mx1.freebsd.org (Postfix) with ESMTPS id 4KdGKg3nFvz3hgL;
	Tue, 12 Apr 2022 19:40:39 +0000 (UTC)
	(envelope-from spork@bway.net)
Received: from gaseousweiner.sporklab.com (unknown [108.35.254.39])
	(using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	(Authenticated sender: spork@bway.net)
	by smtp1.bway.net (Postfix) with ESMTPSA id CE85E2DB5A;
	Tue, 12 Apr 2022 15:40:32 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=bway.net; s=mail;
	t=1649792432; bh=/J3dl/MF3Jp8UUQIZlFgLTaJqAYjT2Pl6UiXB3Adiaw=;
	h=Subject:From:In-Reply-To:Date:Cc:References:To;
	b=Cn5VBABWupKFZQQ3LihZeSaY/BcUdbNtZeFNM92CfTgT/iYVnrRj8nkikKfH6aStw
	 GvwPCT0S+U1hFwqfo5CJ7Ztxfkytxib9XnylujqrNpkbxtaHLQym/a0CMJODZVu1XI
	 NE8oPD3IVJ7V9VzxCVzOrrRaogivGpQXFRFko3dE=
Content-Type: text/plain;
	charset=utf-8
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-stable
List-Help: <mailto:stable+help@freebsd.org>
List-Post: <mailto:stable@freebsd.org>
List-Subscribe: <mailto:stable+subscribe@freebsd.org>
List-Unsubscribe: <mailto:stable+unsubscribe@freebsd.org>
Sender: owner-freebsd-stable@freebsd.org
X-BeenThere: freebsd-stable@freebsd.org
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.21\))
Subject: Re: vtnet rxcsum broken for forwarding RELENG_13 ?
From: Charles Sprickman <spork@bway.net>
In-Reply-To: <0FE1F488-EEA5-4010-9926-2D9567E8461F@FreeBSD.org>
Date: Tue, 12 Apr 2022 15:40:32 -0400
Cc: Matt Garber <matt.garber@gmail.com>,
 mike tancsa <mike@sentex.net>,
 FreeBSD-STABLE Mailing List <freebsd-stable@freebsd.org>
X-Mao-Original-Outgoing-Id: 671485232.4713089-91ba19f7344191be9bd64424aad76bfb
Content-Transfer-Encoding: quoted-printable
Message-Id: <5A9B449D-BC3C-4D89-8AE8-7CC680B2F41E@bway.net>
References: <d30a54ad-6b93-456e-64fc-75d1b09b2fb3@sentex.net>
 <CANwXMPPUEYWOoYLcYGhzMpP=MOd-oNrT4S7NJUy8AE52cPRvEg@mail.gmail.com>
 <0FE1F488-EEA5-4010-9926-2D9567E8461F@FreeBSD.org>
To: Kristof Provost <kp@FreeBSD.org>
X-Mailer: Apple Mail (2.3445.104.21)
X-Rspamd-Queue-Id: 4KdGKg3nFvz3hgL
X-Spamd-Bar: --
Authentication-Results: mx1.freebsd.org;
	dkim=pass header.d=bway.net header.s=mail header.b=Cn5VBABW;
	dmarc=pass (policy=quarantine) header.from=bway.net;
	spf=pass (mx1.freebsd.org: domain of spork@bway.net designates 216.220.96.27 as permitted sender) smtp.mailfrom=spork@bway.net
X-Spamd-Result: default: False [-2.10 / 15.00];
	 RCVD_VIA_SMTP_AUTH(0.00)[];
	 MV_CASE(0.50)[];
	 R_SPF_ALLOW(-0.20)[+ip4:216.220.96.27/32];
	 TO_DN_ALL(0.00)[];
	 DKIM_TRACE(0.00)[bway.net:+];
	 DMARC_POLICY_ALLOW(-0.50)[bway.net,quarantine];
	 NEURAL_HAM_SHORT(-1.00)[-1.000];
	 RCVD_IN_DNSWL_LOW(-0.10)[216.220.96.27:from];
	 FROM_EQ_ENVFROM(0.00)[];
	 SUBJECT_ENDS_QUESTION(1.00)[];
	 ASN(0.00)[asn:8059, ipnet:216.220.96.0/19, country:US];
	 MID_RHS_MATCH_FROM(0.00)[];
	 ARC_NA(0.00)[];
	 NEURAL_HAM_MEDIUM(-1.00)[-1.000];
	 R_DKIM_ALLOW(-0.20)[bway.net:s=mail];
	 FROM_HAS_DN(0.00)[];
	 RCPT_COUNT_THREE(0.00)[4];
	 NEURAL_HAM_LONG(-1.00)[-1.000];
	 TAGGED_RCPT(0.00)[];
	 MIME_GOOD(-0.10)[text/plain];
	 DWL_DNSWL_LOW(-1.00)[bway.net:dkim];
	 MIME_TRACE(0.00)[0:+];
	 TO_MATCH_ENVRCPT_SOME(0.00)[];
	 MLMMJ_DEST(0.00)[freebsd-stable];
	 FREEMAIL_CC(0.00)[gmail.com,sentex.net,freebsd.org];
	 RCVD_TLS_ALL(0.00)[];
	 SUSPICIOUS_RECIPS(1.50)[];
	 RCVD_COUNT_TWO(0.00)[2]
X-ThisMailContainsUnwantedMimeParts: N



> On Apr 12, 2022, at 6:43 AM, Kristof Provost <kp@FreeBSD.org> wrote:
>=20
> On 12 Apr 2022, at 2:07, Matt Garber wrote:
>> On Mon, Apr 11, 2022 at 7:15 PM mike tancsa <mike@sentex.net> wrote:
>>=20
>>> I was setting up a VM pf firewall and noticed I was not able to nat =
out
>>> for some reason. Looking at the pcap, it seems when the vm is in
>>> forwarding mode, I get tcp checksum errors. If I do a
>>>=20
>>> ifconfig vtnet1 -rxcsum
>>>=20
>>> ifconfig vtnet0 -rxcsum
>>>=20
>>> nat then seems to work fine
>>>=20
>>> The setup is a simple VM with the hypervisor libvirt/KVM ubuntu 20 =
LTS.
>>> Guest is RELENG_13 from Apr 11/2022. If I change to em nics in the =
VM,
>>> all is fine out of the box.
>>>=20
>>>=20
>>> I opened up https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D263229=

>>=20
>>=20
>>=20
>> Unless someone knows otherwise, I=E2=80=99ve been under the =
impression that PF =E2=80=94 or
>> potentially any of the other FreeBSD firewalls (?), but I use PF =E2=80=
=94 has been
>> =E2=80=9Cbroken=E2=80=9D in that regard on Linux KVM-based FreeBSD =
guests for years. As
>> such I=E2=80=99ve always needed to use csum_disable flags on the =
vtnet interfaces
>> or suffer *extremely* poor network performance, even for servers not =
doing
>> NAT forwarding.
>>=20
> That PF checksum issue was fixed =
c110fc49da2995d10d60d908af0838ecb4be9bee, back in 2015.

Do you have a bug ID that references this issue/fix?

Charles


>=20
> Kristof
>=20