lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID:  <20070918080525.7a49d110@freepuppy.rosehill.hemminger.net>
Date:	Tue, 18 Sep 2007 08:05:25 -0700
From:	Stephen Hemminger <shemminger@...ux-foundation.org>
To:	linux-kernel@...r.kernel.org
Subject:  Re: PROBLEM: Network sky2 Module

On Tue, 18 Sep 2007 10:28:43 -0400
Bill Davidsen <davidsen@....com> wrote:

> ben soo wrote:
> > i'm experiencing this problem myself.  i have 2 servers, one using 
> > X86_64 kernel version 2.6.23-rc5 on a 100Mbit network and one with i386 
> > kernel version 2.6.23-rc6 on a 1Gbit network.
> > 
> > They both have this issue with the sky2 network device driver whereby 
> > the device would stop working and need to be brought down and back up.
> > 
> > On the X86_64 kernel on a 100Mbit network, this is a very occasional 
> > thing, while on the i386 kernel on a 1Gbit network the device only works 
> > for a few minutes at a time.  If i set the MTU to 7200 then the device 
> > seems to stay functional, but then i see long delays when it's talking 
> > to 100Mbit devices with standard 1500 MTU that are outside of its LAN 
> > segment.
> > 
> > This last might be an artifact caused by the firewall, i dunno.
> > 
> Yes, I have found that I get far less problem in this area leaving the 
> MTU at 1500, then putting a larger MTU (usually 9000) into the routing 
> table for segments, or even just machines, where I know there is direct 
> connectivity. I use 9000 MTU with my directly connected file server, 
> 1500 elsewhere. I can go to 9000 for nbd servers as well, assuming the 
> connection doesn't pass a firewall.
> 
> I have some hints that while the switches I use will speak 10/100/1000 
> between machines with different speeds, and will handle jumbo packets 
> between machines at the same speed, if I'm going Gbit/jumbo to 
> 1500/slower performance seems to suffer more than talking smaller 
> packets. That may be because window size needs to be even larger or 
> something.
> 
> I have some legacy machines talking 10Mbit/half on 10base2 cable, I may 
> be seeing more of this than the average site. That's legacy as in 
> "attached to something expensive to replace."
> 

If you want to use Jumbo frames, you need to have routers and firewalls
that correctly handle ICMP and do path MTU discovery. If you have bridges
or firewalls that aren't Jumbo aware on both interfaces, then there will
be long timeouts retries for each connection. If you have busted routers
and firewalls that swallow ICMP then PMTU won't work well either.


-- 
Stephen Hemminger <shemminger@...ux-foundation.org>

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ