On Sun, 25 Jan 2004, Mike Silbersack wrote: > On Sat, 24 Jan 2004, Robert Watson wrote: > > > To pick up the corrupted packet on the machine where the corruption is > > occurring, you might want to try hooking up the UDP checksum drop case to > > BPF_MTAP() for a special BPF device or rule, or have it spit them into a > > raw socket (probably easier). > > He said that the packet's checksum passes, but it is corrupt, so this > won't work.
I may have misread: my reading was that the if_xl card marks the packet as having passed the checksum test, but if you let the OS do the checksum, the checksum fails. I.e., either the hardware checksumming is broken, or the data is corrupted between when the hardware does the checksum, and it reaches the OS buffer. As such, Sam's patch works because it tells the OS to ignore the checksum results from the hardware (although it doesn't disable the checking of checksums), causing the OS to recalculate the checksums and drop the packets rather than accepting them. The goal of the change I suggested would be to also do the checksums in the OS as well, which allows you to detect the bad packets, but instead of dropping them, funnel them aside for later analysis. However, if I've misread, sorry for the confusion! Robert N M Watson FreeBSD Core Team, TrustedBSD Projects [EMAIL PROTECTED] Senior Research Scientist, McAfee Research _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
