From owner-freebsd-current@FreeBSD.ORG Sun Dec 17 21:08:59 2006 Return-Path: X-Original-To: current@freebsd.org Delivered-To: freebsd-current@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 363D316A412 for ; Sun, 17 Dec 2006 21:08:59 +0000 (UTC) (envelope-from infofarmer@gmail.com) Received: from ug-out-1314.google.com (ug-out-1314.google.com [66.249.92.169]) by mx1.FreeBSD.org (Postfix) with ESMTP id 541DB43C9F for ; Sun, 17 Dec 2006 21:08:58 +0000 (GMT) (envelope-from infofarmer@gmail.com) Received: by ug-out-1314.google.com with SMTP id o2so1165416uge for ; Sun, 17 Dec 2006 13:08:57 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; b=koJbayokd4ShX4GecFq5MEnXeB4C1i055PYuQozxj07hLMJYW3CC89E4L/MA9p8WmHjsfCQoEuvvrRw03wovCU9LouMyhLINPZy1br0XgqgN2v9gMx2t2OWJGaL3cfI/MIg/zXlVnIRKJoW6lqQyzxwHlRGP4qxjzoMjwwkC43I= Received: by 10.78.57.11 with SMTP id f11mr1700266hua.1166389736926; Sun, 17 Dec 2006 13:08:56 -0800 (PST) Received: by 10.78.167.16 with HTTP; Sun, 17 Dec 2006 13:08:56 -0800 (PST) Message-ID: Date: Mon, 18 Dec 2006 00:08:56 +0300 From: "Andrew Pantyukhin" Sender: infofarmer@gmail.com To: "Kris Kennaway" In-Reply-To: <20061217205249.GA73132@xor.obsecurity.org> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <20061217205249.GA73132@xor.obsecurity.org> X-Google-Sender-Auth: d25e7543e78450d0 Cc: current@freebsd.org, David Xu Subject: Re: vge(4) bad checksum X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 17 Dec 2006 21:08:59 -0000 On 12/17/06, Kris Kennaway wrote: > On Sun, Dec 17, 2006 at 11:46:24PM +0300, Andrew Pantyukhin wrote: > > I'm not sure what it's all about, but with today's > > current whatever goes out my vge interface (icmp/ > > tcp/udp) has bad checksum: > > This is a FAQ; it's probably using hardware checksum offloading. > > Since the packet passed down to the NIC does not yet have the checksum > computed, it looks to tcpdump like the checksum is incorrect. However > if you look at the packet actually transmitted by the NIC > (e.g. tcpdump on another host), you'll see that it has the correct > checksum. I wouldn't even notice the checksum issue if my ipsec connection to another host hadn't stop working. The host has ipsec(4) and a re(4) interface. dmesg on the box showed issues with AH checksums. The problem is whenever I run tcpdump (promiscuous or not) on re(4), the box (amd64 current) drops to kernel debugger with messages like: panic: mutex Giant not owned at /usr/src/sys/net/bpf.c:1399 But that's another story. So I guess my fast_ipsec/vge/checksum problem is either fast_ipsec or fast_ipsec+vge bound. Again, there was no problem with 20061210-current+ipsec+vge (not fast_ipsec).