[Bug 930962] Re: dhcp3-server reports many bad udp checksums to syslog using virtio NIC

Serge Hallyn 930962 at bugs.launchpad.net
Thu Oct 31 00:11:58 UTC 2013


> 16:13 <rbasak> hallyn_: if not, then "iptables -D" can delete a rule by its specification, 
>                so perhaps "iptables -D ... || true; iptables -A ..." is a (hacky) 
>                workaround?

I think I prefer to keep a file like /run/lxc/features/iptables-checksum
to show that it's been done, or just check the iptables -L output.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to isc-dhcp in Ubuntu.
https://bugs.launchpad.net/bugs/930962

Title:
  dhcp3-server reports many bad udp checksums to syslog using virtio NIC

Status in “dhcp3” package in Ubuntu:
  Fix Released
Status in “isc-dhcp” package in Ubuntu:
  Fix Released
Status in “lxc” package in Ubuntu:
  Confirmed
Status in “dhcp3” source package in Lucid:
  Fix Released
Status in “isc-dhcp” source package in Precise:
  Fix Released
Status in “isc-dhcp” source package in Quantal:
  Fix Released

Bug description:
  == Rationale ==
  Machines using virtio (kvm/xen) and running a dhcp server in a VM won't receive the proper udp checksums which leads to dhcpd dropping the packets.
  This patch forces the checksum to be calculated in such case.

  == Test case ==
  1) Install a dhcp server in a VM using kvm/xen
  2) Make sure you don't have iptables re-calculating the checksums for you
  3) Check that the requests go through as expected

  == Regression potential ==
  Raring has had that fix for a while, so does redhat, so it looks pretty safe to me.


  --- original bug report ---
  Tested with  dhcp3-server ver. 3.1.3-2ubuntu3.3  in Ubuntu 10.04.3 Server, x64.

  The DHCP server reports that UDP packets sent to it have bad
  checksums:

  Feb 11 06:57:18 ... dhcpd: 5 bad udp checksums in 5 packets
  Feb 11 06:58:22 ... dhcpd: last message repeated 7 times
  Feb 11 06:59:17 ... dhcpd: last message repeated 7 times

  The DHCP server host is a KVM virtual machine using a virtio-based
  virtual NIC.

  This problem has been reported for other distros using KVM and virtio:

  https://bugs.mageia.org/show_bug.cgi?id=1243

  http://www.mail-archive.com/kvm@vger.kernel.org/msg41958.html
   - suggests using iptables to write in a checksum

  http://pkgs.fedoraproject.org/gitweb/?p=dhcp.git;a=blob;f=dhcp-4.2.2-xen-checksum.patch;h=038d346d726e131f1ab2579fe015a72b49733a0d;hb=HEAD
   - Fedora patch to dhcp to avoid this

  The simplest workaround is to change the virtual NIC type from virtio
  to Intel e1000 in KVM. Apparently this driver calculates checksums.
  But virtio is the default driver type.

  Thanks,
  Tim Miller Dyck

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/dhcp3/+bug/930962/+subscriptions



More information about the foundations-bugs mailing list