lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CACKFLinpYTDTxzBaijdSTE9q+5Ln4Sbo5fGxRbY+wv6bwP=vOQ@mail.gmail.com>
Date:	Fri, 29 Apr 2016 14:29:24 -0700
From:	Michael Chan <michael.chan@...adcom.com>
To:	Alexander Duyck <alexander.duyck@...il.com>
Cc:	Alexander Duyck <aduyck@...antis.com>,
	Eugenia Emantayev <eugenia@...lanox.com>,
	Bruce W Allan <bruce.w.allan@...el.com>,
	Saeed Mahameed <saeedm@...lanox.com>,
	Netdev <netdev@...r.kernel.org>,
	intel-wired-lan <intel-wired-lan@...ts.osuosl.org>,
	Ariel Elior <ariel.elior@...gic.com>,
	Michael Chan <mchan@...adcom.com>
Subject: Re: [RFC PATCH 4/5] bnxt: Add support for segmentation of tunnels
 with outer checksums

On Fri, Apr 29, 2016 at 2:17 PM, Alexander Duyck
<alexander.duyck@...il.com> wrote:
> On Wed, Apr 27, 2016 at 9:32 PM, Michael Chan <michael.chan@...adcom.com> wrote:
>> On Wed, Apr 27, 2016 at 8:21 AM, Alexander Duyck
>> <alexander.duyck@...il.com> wrote:
>>> On Tue, Apr 26, 2016 at 10:55 PM, Michael Chan
>>> <michael.chan@...adcom.com> wrote:
>>>> On Tue, Apr 19, 2016 at 12:06 PM, Alexander Duyck <aduyck@...antis.com> wrote:
>>>>> This patch assumes that the bnxt hardware will ignore existing IPv4/v6
>>>>> header fields for length and checksum as well as the length and checksum
>>>>> fields for outer UDP and GRE headers.
>>>>>
>>>>> I have no means of testing this as I do not have any bnx2x hardware but
>>>>> thought I would submit it as an RFC to see if anyone out there wants to
>>>>> test this and see if this does in fact enable this functionality allowing
>>>>> us to to segment tunneled frames that have an outer checksum.
>>>>>
>>>>> Signed-off-by: Alexander Duyck <aduyck@...antis.com>
>>>>
>>>> Hi Alex, I just did a very quick test of this patch on our bnxt
>>>> hardware and it seemed to work.
>>>>
>>>> I created a vxlan endpoint with udpcsum enabled and I saw TSO packets
>>>> getting through.  I've verified that our hardware can be programmed to
>>>> either ignore outer UDP checksum or to calculate it.  Current default
>>>> is to ignore ipv4 UDP checksum and calculate ipv6 UDP checksum.
>>>> Thanks.
>>>
>>> Are you saying you can natively support UDP tunnel with outer checksum
>>> offload then?
>>
>> Yes.  Calculate or ignore the outer UDP checksum.
>
> I was just thinking about this.  When you say you compute the IPv6
> checksum how is it you are specifying to the hardware that you want to
> do that?  Is it something you can configure per packet or is it
> something that is configured for the VXLAN flow?

In the current version of the hardware, it is a global (chip-wide)
setting.  1 bit to control outer ipv4 vxlan and 1 bit for outer ipv6
vxlan.

>
> I just want to make sure you aren't adding checksums to IPv6 tunnels
> that specify that they don't want a checksum, or stripping them from
> v4 tunnels that do want a checksum.

If the global setting has outer UDP checksum enabled, it will be
calculated no matter what.  If the setting is disabled, it will just
ignore it without overwriting it.

Thanks.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ