From owner-freebsd-net@FreeBSD.ORG Mon May 9 02:31:51 2005 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B644E16A4E6 for ; Mon, 9 May 2005 02:31:51 +0000 (GMT) Received: from mss1.myactv.net (mss1.myactv.net [24.89.0.26]) by mx1.FreeBSD.org (Postfix) with SMTP id C662943D8F for ; Mon, 9 May 2005 02:31:50 +0000 (GMT) (envelope-from patrickdk@patrickdk.com) Received: (qmail 11269 invoked from network); 9 May 2005 02:31:50 -0000 Received: from dyn-19-218.myactv.net (24.89.19.218) by new.mss1.myactv.net with SMTP; 9 May 2005 02:31:50 -0000 Date: Mon, 9 May 2005 02:31:50 +0000 (UTC) From: Patrick Domack X-X-Sender: dswett@server.dswett.patrickdk.com To: Maksim Yevmenkin In-Reply-To: <427E3336.3040907@savvis.net> Message-ID: References: <427E3336.3040907@savvis.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed cc: freebsd-net@freebsd.org cc: patrickdk@patrickdk.com Subject: Re: tap interface and locally generated packets X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: patrickdk@patrickdk.com List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 May 2005 02:31:51 -0000 Yes, ifconfig -txcsum fixes the problem, so somewhere packets are not getting marked to be summed if the hardware checksum is turned on, and packets don't go to the hardware card, but head to the tap interface instead. This will work for a for alittle while, but as these are high usage, gigabit links, and tend to have alot of traffic on them, where as the tap interface is low load. It could cause a descent amount of cpu load. Thanks. On Sun, 8 May 2005, Maksim Yevmenkin wrote: > Patrick, > >> I have been working with tap interfaces, bridging and openvpn >> >> Bridging works perfectly, and openvpn does too >> >> Packet pings from the tap interface works to any ip address, on the local >> machine or computer on the bridged network >> >> Attempting to make a tcp connection works for bridged network, but not the >> machine the tap interface is on >> >> I have found this is due to tcp checksums not being generated, Packets >> recieved over the tap interface on the client machine have blank (bad) >> checksums. >> >> I have looked at the source and it seems there is no interface to add the >> checksums to be generated for the tap interface. > > tap(4) interface should not modify anything inside the packet. the whole > point is to accept _complete_ ethernet frame from user-space (just as it > comes from the wire) and pass it up the stack. > > my guess would be that something else is not generating proper ip checksum. > just a crazy thought: are you offloading ip checksum'ing to your ethernet > card? if so, please try to disable it and see if it helps. > > thanks, > max > >