control: reassign -1 src:linux # I believe this is the kernels fault, but # I might be wrong... thanks
On Montag, 13. Januar 2014, michael wrote: > Package: base > Severity: normal > Tags: upstream > > Dear Maintainer, > * What led up to the situation? > Checksum calcualtion for outgoing tcp packages had been moved from > the kernel to the network interface card (ethX or wlanX). > Thus when capturing data with tcpdump / Wireshark/ pcap invalid > checksums occur. Thus it is no longer possible to determine which packages > had invalid checksums and will be discarded. > Therefore TCP-offloading needs to be manually deactivated with > ethtool. * What exactly did you do (or not do) that was effective (or > ineffective)? > I deactivated all netwark card features and thus expected the kernel to > calculate the outgoing checksums: > su > ethtool -K eth0 rx off tx off sg off tso off gso off > * What was the outcome of this action? > > All features are activated according ethtool: > ethtool -k eth0 > Features for eth0: > rx-checksumming: off > tx-checksumming: off > tx-checksum-ipv4: off [fixed] > tx-checksum-unneeded: off [fixed] > tx-checksum-ip-generic: off > tx-checksum-ipv6: off [fixed] > tx-checksum-fcoe-crc: off [fixed] > tx-checksum-sctp: off [fixed] > scatter-gather: off > tx-scatter-gather: off > tx-scatter-gather-fraglist: off [fixed] > tcp-segmentation-offload: off > tx-tcp-segmentation: off > tx-tcp-ecn-segmentation: off [fixed] > tx-tcp6-segmentation: off > udp-fragmentation-offload: off [fixed] > generic-segmentation-offload: off > generic-receive-offload: off > large-receive-offload: off [fixed] > rx-vlan-offload: on > tx-vlan-offload: on > ntuple-filters: off [fixed] > receive-hashing: off [fixed] > highdma: on [fixed] > rx-vlan-filter: on [fixed] > vlan-challenged: off [fixed] > tx-lockless: off [fixed] > netns-local: off [fixed] > tx-gso-robust: off [fixed] > tx-fcoe-segmentation: off [fixed] > fcoe-mtu: off [fixed] > tx-nocache-copy: on > loopback: off [fixed] > > I entered: > wget www.heise.de > > While tracking the traffic with tcpdump (see "incorrect" for checksums of > traffic in outgoing direction (Donald.fritz.box.43681 > > redirector.heise.de): > > tcpdump -i eth0 -vvv tcp > tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 65535 > bytes > 18:57:13.399866 IP (tos 0x0, ttl 64, id 50216, offset 0, flags [DF], proto > TCP (6), length 60) > Donald.fritz.box.43681 > redirector.heise.de.http: Flags [S], cksum > 0xc4a8 (incorrect -> 0x573c), seq 2174976360, win 14600, options [mss > 1460,sackOK,TS val 345408 ecr 0,nop,wscale 6], length 0 > 18:57:13.413922 IP (tos 0x0, ttl 245, id 15109, offset 0, flags [DF], proto > TCP (6), length 60) > redirector.heise.de.http > Donald.fritz.box.43681: Flags [S.], cksum > 0x6a7a (correct), seq 3901327278, ack 2174976361, win 4356, options [mss > 1452,nop,nop,TS val 2361400012 ecr 345408,sackOK,eol], length 0 > 18:57:13.413989 IP (tos 0x0, ttl 64, id 50217, offset 0, flags [DF], proto > TCP (6), length 52) > Donald.fritz.box.43681 > redirector.heise.de.http: Flags [.], cksum > 0xc4a0 (incorrect -> 0x6e2d), seq 1, ack 1, win 14600, options [nop,nop,TS > val 345412 ecr 2361400012], length 0 > 18:57:13.414200 IP (tos 0x0, ttl 64, id 50218, offset 0, flags [DF], proto > TCP (6), length 160) > Donald.fritz.box.43681 > redirector.heise.de.http: Flags [P.], cksum > 0x03dd (correct), seq 1:109, ack 1, win 14600, options [nop,nop,TS val > 345412 ecr 2361400012], length 108 > 18:57:13.434350 IP (tos 0x0, ttl 245, id 15510, offset 0, flags [DF], proto > TCP (6), length 544) > redirector.heise.de.http > Donald.fritz.box.43681: Flags [P.], cksum > 0x7e69 (correct), seq 1:493, ack 109, win 4464, options [nop,nop,TS val > 2361400030 ecr 345412], length 492 > 18:57:13.434438 IP (tos 0x0, ttl 64, id 50219, offset 0, flags [DF], proto > TCP (6), length 52) > Donald.fritz.box.43681 > redirector.heise.de.http: Flags [.], cksum > 0xc4a0 (incorrect -> 0x680e), seq 109, ack 493, win 15544, options > [nop,nop,TS val 345417 ecr 2361400030], length 0 > 18:57:13.434456 IP (tos 0x0, ttl 245, id 15512, offset 0, flags [DF], proto > TCP (6), length 52) > redirector.heise.de.http > Donald.fritz.box.43681: Flags [F.], cksum > 0x935a (correct), seq 493, ack 109, win 4464, options [nop,nop,TS val > 2361400030 ecr 345412], length 0 > 18:57:13.434716 IP (tos 0x0, ttl 64, id 50220, offset 0, flags [DF], proto > TCP (6), length 52) > Donald.fritz.box.43681 > redirector.heise.de.http: Flags [R.], cksum > 0xc4a0 (incorrect -> 0x6809), seq 109, ack 494, win 15544, options > [nop,nop,TS val 345417 ecr 2361400030], length 0 > 18:57:13.436862 IP (tos 0x0, ttl 64, id 57218, offset 0, flags [DF], proto > TCP (6), length 60) > Donald.fritz.box.51718 > www.heise.de.http: Flags [S], cksum 0xc4ad > (incorrect -> 0x4e36), seq 1372822219, win 14600, options [mss > 1460,sackOK,TS val 345417 ecr 0,nop,wscale 6], length 0 > 18:57:13.452346 IP (tos 0x0, ttl 245, id 16086, offset 0, flags [DF], proto > TCP (6), length 60) > www.heise.de.http > Donald.fritz.box.51718: Flags [S.], cksum 0x133b > (correct), seq 2147368525, ack 1372822220, win 4356, options [mss > 1452,nop,nop,TS val 2361400050 ecr 345417,sackOK,eol], length 0 > 18:57:13.452421 IP (tos 0x0, ttl 64, id 57219, offset 0, flags [DF], proto > TCP (6), length 52) > Donald.fritz.box.51718 > www.heise.de.http: Flags [.], cksum 0xc4a5 > (incorrect -> 0x16ee), seq 1, ack 1, win 14600, options [nop,nop,TS val > 345421 ecr 2361400050], length 0 > 18:57:13.452674 IP (tos 0x0, ttl 64, id 57220, offset 0, flags [DF], proto > TCP (6), length 164) > Donald.fritz.box.51718 > www.heise.de.http: Flags [P.], cksum 0xbdf3 > (correct), seq 1:113, ack 1, win 14600, options [nop,nop,TS val 345421 ecr > 2361400050], length 112 > 18:57:13.573991 IP (tos 0x0, ttl 245, id 19085, offset 0, flags [DF], proto > TCP (6), length 52) > www.heise.de.http > Donald.fritz.box.51718: Flags [.], cksum 0x3d9c > (correct), seq 1, ack 113, win 4468, options [nop,nop,TS val 2361400168 ecr > 345421], length 0 > 18:57:13.897574 IP (tos 0x0, ttl 245, id 28551, offset 0, flags [DF], proto > TCP (6), length 1492) > www.heise.de.http > Donald.fritz.box.51718: Flags [.], cksum 0x5721 > (correct), seq 1:1441, ack 113, win 4468, options [nop,nop,TS val > 2361400495 ecr 345421], length 1440 > 18:57:13.897634 IP (tos 0x0, ttl 64, id 57221, offset 0, flags [DF], proto > TCP (6), length 52) > Donald.fritz.box.51718 > www.heise.de.http: Flags [.], cksum 0xc4a5 > (incorrect -> 0x043a), seq 113, ack 1441, win 17280, options [nop,nop,TS > val 345532 ecr 2361400495], length 0 > 18:57:13.897652 IP (tos 0x0, ttl 245, id 28552, offset 0, flags [DF], proto > TCP (6), length 60) > www.heise.de.http > Donald.fritz.box.51718: Flags [P.], cksum 0xc6fc > (correct), seq 1441:1449, ack 113, win 4468, options [nop,nop,TS val > 2361400495 ecr 345421], length 8 > 18:57:13.897669 IP (tos 0x0, ttl 64, id 57222, offset 0, flags [DF], proto > TCP (6), length 52) > Donald.fritz.box.51718 > www.heise.de.http: Flags [.], cksum 0xc4a5 > (incorrect -> 0x0431), seq 113, ack 1449, win 17280, options [nop,nop,TS > val 345533 ecr 2361400495], length 0 > 18:57:13.898942 IP (tos 0x0, ttl 245, id 28553, offset 0, flags [DF], proto > TCP (6), length 1492) > www.heise.de.http > Donald.fritz.box.51718: Flags [.], cksum 0x8c13 > (correct), seq 1449:2889, ack 113, win 4468, options [nop,nop,TS val > 2361400495 ecr 345421], length 1440 > 18:57:13.898964 IP (tos 0x0, ttl 64, id 57223, offset 0, flags [DF], proto > TCP (6), length 52) > Donald.fritz.box.51718 > www.heise.de.http: Flags [.], cksum 0xc4a5 > (incorrect -> 0xf350), seq 113, ack 2889, win 20160, options [nop,nop,TS > val 345533 ecr 2361400495], length 0 > > * What outcome did you expect instead? > I expected valid checksums of taced outgoing packages. > > Note: > I did the same test on debian testing. Here the tcpdump checksums were ok > (correct). > > > > -- System Information: > Debian Release: 7.3 > APT prefers stable-updates > APT policy: (500, 'stable-updates'), (500, 'stable') > Architecture: amd64 (x86_64) > > Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores) > Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) > Shell: /bin/sh linked to /bin/dash
signature.asc
Description: This is a digitally signed message part.
