Re: [lvs-users] LVS and Broadcom bug

To:	"LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>, Jean-Sébastien Frerot <jean-sebastien.frerot@xxxxxxxxxxxx>
Subject:	Re: [lvs-users] LVS and Broadcom bug
Cc:	lvs-users@xxxxxxxxxxxxxxxxxxxxxx
From:	Chris Chen <chchen@xxxxxxx>
Date:	Tue, 26 Oct 2010 09:52:00 -0700

Quoting Jean-Sébastien Frerot <jean-sebastien.frerot@xxxxxxxxxxxx>:

>>         Hello,
>>
>> On Mon, 30 Nov 2009, Simon Horman wrote:
>>
>> >/ >     The problem exists because IPVS does not/
>> >/ > disable LRO, it must be done under RTNL and IPVS never runs/
>> >/ > in this context. And LRO is not supported for forwarding:/
>> >/ > /
>> >/ > http://marc.info/?l=linux-netdev&m=121389887114416&w=2  
>> <http://marc.info/?l=linux-netdev&m=121389887114416&w=2>/
>> >/ > /
>> >/ >     IPVS does not call ip_forward for DR method, that/
>> >/ > is why you do not need forwarding and the LRO warning/
>> >/ > does not occur before hitting the GSO code. ip_forward/
>> >/ > just drops LRO packets:/
>> >/ > /
>> >/ >         if (skb_warn_if_lro(skb))/
>> >/ >                 goto drop;/
>> >/ /
>> >/ Hi Julian,/
>> >/ /
>> >/ do you have any thoughts on how the code might be improved/
>> >/ to handle this case a bit better?/
>> >/ /
>> >/ Perhaps something along the lines of the/
>> >/ code for LRO in ip_forward?/
>>
>>         If you want to disable LRO in IPVS
>> net/ipv4/devinet.c:inet_forward_change() is an example what
>> should be done in process context if you want to disable
>> LRO for all existing devices. Then call skb_warn_if_lro
>> near or in IP_VS_XMIT and also before calling ip_local_out().
>> May be LRO can be disabled when the first virtual or
>> may be real service is added to allow LRO to work if IPVS
>> is just compiled.
>>
>> Regards
>>
>> --
>> Julian Anastasov <ja@xxxxxx>
>>
> Hi,
>   Do you guys know if there is any plan to fix this in ipvs soon ? We
> have this exact problem when using ipvs and 2 different network cards
> (intel and broadcom).


Could this be breaking SSL over LVS-DR? I've been seeing a problem  
where SSL handshakes fail intermittently with certain clients (Windows  
7, particularly), and using LVS-NAT seems to fix it.

cc



_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [lvs-users] LVS and Broadcom bug, Jean-Sébastien Frerot Re: [lvs-users] LVS and Broadcom bug, Chris Chen <= Re: [lvs-users] LVS and Broadcom bug, Simon Horman Re: [lvs-users] LVS and Broadcom bug, Simon Horman

Previous by Date:	Re: [lvs-users] LVS and Broadcom bug, Jean-Sébastien Frerot
Next by Date:	Re: [lvs-users] LVS and Broadcom bug, Simon Horman
Previous by Thread:	Re: [lvs-users] LVS and Broadcom bug, Jean-Sébastien Frerot
Next by Thread:	Re: [lvs-users] LVS and Broadcom bug, Simon Horman
Indexes:	[Date] [Thread] [Top] [All Lists]