> On 7. Aug 2025, at 00:35, Gleb Smirnoff <gleb...@freebsd.org> wrote: > > Michael, > > On Fri, Aug 01, 2025 at 08:17:35AM +0000, Michael Tuexen wrote: > M> When the SCTP, TCP, or UDP implementation send a packet, it does not > M> compute the corresponding checksum but defers that. The network layer > M> will determine whether the network interface selected for the packet > M> has the requested capability and computes the checksum in software, > M> if the selected network interface doesn't have the requested > M> capability. > M> Do this not only for packets being sent by the local SCTP, TCP, > M> and UDP stack, but also when forwarding packets. Furthermore, when > M> such packets are delivered to a local SCTP, TCP, or UDP stack, do not > M> compute or validate the checksum, since such packets never have been on > M> the wire. > M> This allows to support checksum offloading also in the case of local > M> virtual machines or jails. > M> Support for epair, vtnet, and tap interfaces will be added in > M> separate commits. > > Not a request for any action, but a general comment on the topic. > > Imagine we are developing an IP stack from scratch for modern computers. Most > NICs do hardware checksumming, large fraction of installations run in A lot do checksum offloading for TCP/IPv[46] and UDP/IPv[46]. But only some do it for SCTP/IPv[46]. Also support for TCP and UDP, if encapsulated in some tunneling stuff, is only supported by some NICs. > containers/VMs and communicate via virtual interfaces. With modern reality we I agree. That is the motivation of the patch set in https://reviews.freebsd.org/D51639 where support for checksum offloading for the epair device is added. This way you can send/recv packets in a jail, and the checksum is computed by the physical NIC, which is used for actually sending the packet. If the packet ends up in another jail or VM on the local host, also no checksum is computed. The patches https://reviews.freebsd.org/D51289 https://reviews.freebsd.org/D51686 https://reviews.freebsd.org/D51688 are needed for vnet interfaces and its use by bhyve. > would probably do not do any checksumming in the stack at all, just completely > ignore the checksum field. It would always be obligation of the NIC driver to > care about the checksums. The existing software checksumming code would be I agree. This is the direction of the patch you are commenting on and the patch sets above. It would be great if you could have a look. > just a library that drivers for legacy hardware call. Local traffic won't set > and won't check checksums neither any related flags. The above will set flags, but not do the actual computations.
Best regards Michael > > -- > Gleb Smirnoff
