From owner-freebsd-xen@freebsd.org Tue Jul 14 12:36:50 2015 Return-Path: Delivered-To: freebsd-xen@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 13DA29992BD for ; Tue, 14 Jul 2015 12:36:50 +0000 (UTC) (envelope-from syd.meyer@gmail.com) Received: from mail-wi0-x232.google.com (mail-wi0-x232.google.com [IPv6:2a00:1450:400c:c05::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id A35948D1 for ; Tue, 14 Jul 2015 12:36:49 +0000 (UTC) (envelope-from syd.meyer@gmail.com) Received: by wibud3 with SMTP id ud3so54484270wib.1 for ; Tue, 14 Jul 2015 05:36:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:content-type:content-transfer-encoding:subject:message-id:date :to:mime-version; bh=pW6MMDZbhBaCajNWIBicF+SzYV21ev62/EMA1TNU49g=; b=UO3JKBZ8Y/gBfpbgBwPm6qHYFQbv/U8L/8cx6POzgzuUx8kEAVfTs1auzwqw+DlEeK VnbJ0jH9EOnpwJzmLXzMAxKAyerFKMTtqLK8aPym4x/uisPkbBAQUv9Z9xiNsFpjX7g3 mQzqzckn33U77/WB+hFnUer2YKSheMJ0y+m7uw5AuY5qvCWAaHCGnXLqF2P87HF64gbS npCezTa535Uw78Io3n8yWzJ+aq/u7Zp/hBbPgPgF42fbpDHoWd1h+3B6v3xwNXR4z/6b 8PzXu0AXAVGuVn8YZ7hEAKFFPEgQIItV2HQesmxKd0X7iRxtqnCD1SYOw2xhX+H3v994 OrcQ== X-Received: by 10.194.205.225 with SMTP id lj1mr75756148wjc.138.1436877408207; Tue, 14 Jul 2015 05:36:48 -0700 (PDT) Received: from macbookpro.bob.sydneymeyer.net (64.167-243-81.adsl-dyn.isp.belgacom.be. [81.243.167.64]) by smtp.gmail.com with ESMTPSA id jy6sm1847550wjc.4.2015.07.14.05.36.46 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Tue, 14 Jul 2015 05:36:47 -0700 (PDT) From: Sydney Meyer Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Subject: Networking under Xen Message-Id: <4E7B7075-4E0D-4EA7-9F5D-6D252CFBD487@gmail.com> Date: Tue, 14 Jul 2015 14:36:48 +0200 To: freebsd-xen@freebsd.org Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2102\)) X-Mailer: Apple Mail (2.2102) X-BeenThere: freebsd-xen@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Discussion of the freebsd port to xen - implementation and usage List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 14 Jul 2015 12:36:50 -0000 Hello everybody, i have noticed some odd behaviour with networking under Xen with FreeBSD = 10 as a DomU. - IPv6 (TCP) bandwith drops from ~10 Gbit/s IPv4 to around 3 Gbit/s = IPv6. (measured with iperf) - Dropped/Stalled Connections with TCP Segmentation Offload and pf = enabled. - IPSEC-enabled Kernel TCP Performance drops from ~10 Gbit/s to ~200 = Mbit/s (iperf). I have observed this behaviour under Freebsd 10, 10.1 and 10 Stable. The Hypervisor is running Xen 4.4 with a Linux 3.16 Dom0. Any Suggestions?= From owner-freebsd-xen@freebsd.org Tue Jul 14 16:15:28 2015 Return-Path: Delivered-To: freebsd-xen@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 23DD49A191D for ; Tue, 14 Jul 2015 16:15:28 +0000 (UTC) (envelope-from feld@FreeBSD.org) Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id F108CFC for ; Tue, 14 Jul 2015 16:15:27 +0000 (UTC) (envelope-from feld@FreeBSD.org) Received: from compute2.internal (compute2.nyi.internal [10.202.2.42]) by mailout.nyi.internal (Postfix) with ESMTP id 11A5320948 for ; Tue, 14 Jul 2015 12:15:27 -0400 (EDT) Received: from web3 ([10.202.2.213]) by compute2.internal (MEProxy); Tue, 14 Jul 2015 12:15:27 -0400 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-sasl-enc:x-sasl-enc; s=smtpout; bh=RUZPMyyhY8tx6mL /ZW0HILCbrcw=; b=uOgVhkdFx5kXoD7Pz66E0dA7RKrMXvzb4DIlMYUEU/Ck0BQ 7jrmUbduemOU1nzvukEv1JLv2cWSYajnoNByN28B2GpPVdxTf73j4Cl1heRy5zrM 1bnzlibsNa3PrbPgnwqej5cVdMQlToio9NzaZenihFEiATY70MskwSQxzjNY= Received: by web3.nyi.internal (Postfix, from userid 99) id E17EC103B8D; Tue, 14 Jul 2015 12:15:26 -0400 (EDT) Message-Id: <1436890526.3162974.323521249.6B73E6E2@webmail.messagingengine.com> X-Sasl-Enc: memLubk/i4l3wTdDaW1JUT2YlfDBYmB0R2384ypFxvd2 1436890526 From: Mark Felder To: freebsd-xen@freebsd.org Cc: gnn@freebsd.org MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain X-Mailer: MessagingEngine.com Webmail Interface - ajax-63a5d8c6 Subject: Re: Networking under Xen Date: Tue, 14 Jul 2015 11:15:26 -0500 In-Reply-To: <4E7B7075-4E0D-4EA7-9F5D-6D252CFBD487@gmail.com> References: <4E7B7075-4E0D-4EA7-9F5D-6D252CFBD487@gmail.com> X-BeenThere: freebsd-xen@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Discussion of the freebsd port to xen - implementation and usage List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 14 Jul 2015 16:15:28 -0000 On Tue, Jul 14, 2015, at 07:36, Sydney Meyer wrote: > Hello everybody, > > i have noticed some odd behaviour with networking under Xen with FreeBSD > 10 as a DomU. > > - IPv6 (TCP) bandwith drops from ~10 Gbit/s IPv4 to around 3 Gbit/s IPv6. > (measured with iperf) > What is the "before" and "after" here? When is FreeBSD successfully doing 10Gbit/s and when isn't it? Is pf enabled? Are you scrubbing? > - Dropped/Stalled Connections with TCP Segmentation Offload and pf > enabled. > TSO is a known issue. I've been turning it off for years to get FreeBSD to play nice on Xen. > - IPSEC-enabled Kernel TCP Performance drops from ~10 Gbit/s to ~200 > Mbit/s (iperf). > Are you saying FreeBSD non-IPSEC kernel can do 10Gbit/s TCP performance, but IPSEC kernel immediately drops it to 200Mbit/s? From owner-freebsd-xen@freebsd.org Tue Jul 14 18:55:48 2015 Return-Path: Delivered-To: freebsd-xen@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D42449A118D for ; Tue, 14 Jul 2015 18:55:48 +0000 (UTC) (envelope-from bounces+73574-0602-freebsd-xen=freebsd.org@sendgrid.net) Received: from o1.l99.sendgrid.net (o1.l99.sendgrid.net [198.37.153.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 82DAAF6C for ; Tue, 14 Jul 2015 18:55:47 +0000 (UTC) (envelope-from bounces+73574-0602-freebsd-xen=freebsd.org@sendgrid.net) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sendgrid.info; h=from:mime-version:to:cc:subject:references:in-reply-to:content-type:content-transfer-encoding; s=smtpapi; bh=PtJBYCjKkZKfuin9TiEmnBf0PRQ=; b=W2EvBfgmXowQm/Ty5W a8AFJx406+HgUXwOygcIMcF1gTPndItL8q00L3oMWYwP6W+IbdAbWG6vK8Ckk1og dH0e8uXDR31A1x8SSlece8r5UJuDjS8IZPc8TrR8aTmKGCiaX+OPLa5P9yOJCLWR ha/MqwwXc01V8cmyjpJ17FGvw= Received: by filter0569p1mdw1.sendgrid.net with SMTP id filter0569p1mdw1.15118.55A55B309 2015-07-14 18:55:44.343286425 +0000 UTC Received: from mail.tarsnap.com (ec2-54-86-246-204.compute-1.amazonaws.com [54.86.246.204]) by ismtpd-034 (SG) with ESMTP id 14e8dec3495.2f6c.516cea for ; Tue, 14 Jul 2015 18:55:44 +0000 (UTC) Received: (qmail 16093 invoked from network); 14 Jul 2015 18:51:56 -0000 Received: from unknown (HELO clamshell.daemonology.net) (127.0.0.1) by ec2-107-20-205-189.compute-1.amazonaws.com with ESMTP; 14 Jul 2015 18:51:56 -0000 Received: (qmail 97398 invoked from network); 14 Jul 2015 18:54:32 -0000 Received: from unknown (HELO clamshell.daemonology.net) (127.0.0.1) by clamshell.daemonology.net with SMTP; 14 Jul 2015 18:54:32 -0000 Message-ID: <55A55AE8.4090101@freebsd.org> Date: Tue, 14 Jul 2015 11:54:32 -0700 From: Colin Percival User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0 MIME-Version: 1.0 To: Mark Felder , freebsd-xen@freebsd.org CC: gnn@freebsd.org Subject: Re: Networking under Xen References: <4E7B7075-4E0D-4EA7-9F5D-6D252CFBD487@gmail.com> <1436890526.3162974.323521249.6B73E6E2@webmail.messagingengine.com> In-Reply-To: <1436890526.3162974.323521249.6B73E6E2@webmail.messagingengine.com> Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit X-SG-EID: RUbAm5H8PjswBj/QH+sYVehaJogg3iBnZcyVi1bw/IzLq/G9GHWzk+yW/aLPpKZgXeKlAR96v/S+r6 CwJeffdvfgslHtBPEAEoo+O0Tk7F6AQWyEg8TZvyufp3Mhye0y/N6kkyIFHJ43ij+v80fho5mwpAx2 u4/shTEmswhfwSmYXcQy5KuKYWauFpethMYT X-BeenThere: freebsd-xen@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Discussion of the freebsd port to xen - implementation and usage List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 14 Jul 2015 18:55:48 -0000 On 07/14/15 09:15, Mark Felder wrote: > On Tue, Jul 14, 2015, at 07:36, Sydney Meyer wrote: >> - Dropped/Stalled Connections with TCP Segmentation Offload and pf >> enabled. > > TSO is a known issue. I've been turning it off for years to get FreeBSD > to play nice on Xen. More precisely *pf* is a known issue. It's inserting TCP checksums into TSO packets. I reported this a long time ago and I don't know why pf still hasn't been fixed. -- Colin Percival Security Officer Emeritus, FreeBSD | The power to serve Founder, Tarsnap | www.tarsnap.com | Online backups for the truly paranoid From owner-freebsd-xen@freebsd.org Tue Jul 14 19:23:02 2015 Return-Path: Delivered-To: freebsd-xen@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id AEEC49A16FE for ; Tue, 14 Jul 2015 19:23:02 +0000 (UTC) (envelope-from feld@FreeBSD.org) Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 83FF41180 for ; Tue, 14 Jul 2015 19:23:02 +0000 (UTC) (envelope-from feld@FreeBSD.org) Received: from compute2.internal (compute2.nyi.internal [10.202.2.42]) by mailout.nyi.internal (Postfix) with ESMTP id B7D892038E for ; Tue, 14 Jul 2015 15:23:00 -0400 (EDT) Received: from web3 ([10.202.2.213]) by compute2.internal (MEProxy); Tue, 14 Jul 2015 15:23:00 -0400 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-sasl-enc:x-sasl-enc; s=smtpout; bh=n7ZWyY/If+XtZT9 FRWi1vLnVzTs=; b=ePedEkpowrCEnP/XOaEJJVUoJatly+T1zfocZ3uShJNG3sD xkKQrTa61Zem+G2+BAN4UK9xnCefCWQfdBqInGzl615dALsZ/WiuY1KRjG3lwxNJ uic/AcQt2kKcuGuLYfxMuK3CY2hVjo+OkDgitRqZhuVuPKHgm1f4H3zjfnYg= Received: by web3.nyi.internal (Postfix, from userid 99) id 9412010867F; Tue, 14 Jul 2015 15:23:00 -0400 (EDT) Message-Id: <1436901780.3211878.323698017.360F8D73@webmail.messagingengine.com> X-Sasl-Enc: 1TCki4590s22CAEU6njYFKyMyI/WL0Zw4looSasN3Y+7 1436901780 From: Mark Felder To: Colin Percival , freebsd-xen@freebsd.org Cc: gnn@freebsd.org, Kristof Provost MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain X-Mailer: MessagingEngine.com Webmail Interface - ajax-63a5d8c6 Subject: Re: Networking under Xen Date: Tue, 14 Jul 2015 14:23:00 -0500 In-Reply-To: <55A55AE8.4090101@freebsd.org> References: <4E7B7075-4E0D-4EA7-9F5D-6D252CFBD487@gmail.com> <1436890526.3162974.323521249.6B73E6E2@webmail.messagingengine.com> <55A55AE8.4090101@freebsd.org> X-BeenThere: freebsd-xen@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Discussion of the freebsd port to xen - implementation and usage List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 14 Jul 2015 19:23:02 -0000 On Tue, Jul 14, 2015, at 13:54, Colin Percival wrote: > On 07/14/15 09:15, Mark Felder wrote: > > On Tue, Jul 14, 2015, at 07:36, Sydney Meyer wrote: > >> - Dropped/Stalled Connections with TCP Segmentation Offload and pf > >> enabled. > > > > TSO is a known issue. I've been turning it off for years to get FreeBSD > > to play nice on Xen. > > More precisely *pf* is a known issue. It's inserting TCP checksums > into TSO packets. I reported this a long time ago and I don't know > why pf still hasn't been fixed. > I think Kristof may have solved this in HEAD with all of the care and feeding he has been doing to pf, but I haven't verified. From owner-freebsd-xen@freebsd.org Tue Jul 14 21:45:03 2015 Return-Path: Delivered-To: freebsd-xen@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 535679A159A for ; Tue, 14 Jul 2015 21:45:03 +0000 (UTC) (envelope-from syd.meyer@gmail.com) Received: from mail-wg0-x244.google.com (mail-wg0-x244.google.com [IPv6:2a00:1450:400c:c00::244]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id E1EED16D4 for ; Tue, 14 Jul 2015 21:45:02 +0000 (UTC) (envelope-from syd.meyer@gmail.com) Received: by wgkl9 with SMTP id l9so1817603wgk.2 for ; Tue, 14 Jul 2015 14:45:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=content-type:mime-version:subject:from:in-reply-to:date :content-transfer-encoding:message-id:references:to; bh=PIBxQ4M3chSm640/rpso/HUqg5TmcGwcMTsFRavfzN4=; b=Ms5zoaZx6+COvjNlsE6XeL3vwiVAzNOkYDjQMqZEOn/Gn0idSI/pVs7ZIg8XOyiHqx yg+SN9XgBHnmj5o5aQ30x8DRHudc1BPz8MBtwkO91U0UACVxA0aic6Er9WyROcIJEvHL CkO81qkb0uoEgRczMzPa74eqLCmhkfRjdZLcSjb15W6sI6rd8adgm1SQcFHkxBGqyBXm Zr1JUGO/cMDgIJ8d3rEN0JSadoxobd/ZmiG3saxiB6E0alzgr4jywh6Q+5MHEbEdKtd5 djtXyaUN6sidM7IgdZWjQsxFNlnzMvkJlC+OgZ7uoZgAUL9QvMjoBuiZUf0AC+rMRLJP SJ+Q== X-Received: by 10.194.179.167 with SMTP id dh7mr1364853wjc.15.1436910301289; Tue, 14 Jul 2015 14:45:01 -0700 (PDT) Received: from macbookpro.home.sydneymeyer.net (131.69-67-87.adsl-dyn.isp.belgacom.be. [87.67.69.131]) by smtp.gmail.com with ESMTPSA id m10sm5479002wib.17.2015.07.14.14.45.00 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Tue, 14 Jul 2015 14:45:00 -0700 (PDT) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 9.0 \(3067\)) Subject: Re: Networking under Xen From: Sydney Meyer In-Reply-To: <1436890526.3162974.323521249.6B73E6E2@webmail.messagingengine.com> Date: Tue, 14 Jul 2015 23:44:59 +0200 Content-Transfer-Encoding: quoted-printable Message-Id: <4B6D4AEF-6107-4F95-9F5A-F0EA137809AC@gmail.com> References: <4E7B7075-4E0D-4EA7-9F5D-6D252CFBD487@gmail.com> <1436890526.3162974.323521249.6B73E6E2@webmail.messagingengine.com> To: freebsd-xen@freebsd.org X-Mailer: Apple Mail (2.3067) X-BeenThere: freebsd-xen@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Discussion of the freebsd port to xen - implementation and usage List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 14 Jul 2015 21:45:03 -0000 > On 14 Jul 2015, at 18:15, Mark Felder wrote: >=20 >=20 >=20 > On Tue, Jul 14, 2015, at 07:36, Sydney Meyer wrote: >> Hello everybody, >>=20 >> i have noticed some odd behaviour with networking under Xen with = FreeBSD >> 10 as a DomU. >>=20 >> - IPv6 (TCP) bandwith drops from ~10 Gbit/s IPv4 to around 3 Gbit/s = IPv6. >> (measured with iperf) >>=20 >=20 > What is the "before" and "after" here? When is FreeBSD successfully > doing 10Gbit/s and when isn't it? Is pf enabled? Are you scrubbing? With two clean 10.1 AMD64 DomU installations both with a single, pinned = cpu, without pf enabled the TCP performance between the two hosts, = measured with iperf, differs between ~10 Gb/s on IPv4 and ~3 Gb/s on = IPv6. With pf enabled and "scrub in all" the difference is almost the = same. >=20 >> - Dropped/Stalled Connections with TCP Segmentation Offload and pf >> enabled. >>=20 >=20 > TSO is a known issue. I've been turning it off for years to get = FreeBSD > to play nice on Xen. This one i am still investigating, because it happens only in "certain" = situations (which are not clear to me, atm), but the host seems to drop = ACK Packets in some situations like when connected to via IPSEC or via = double NAT. This happens only when pf it actually enabled. Disabling TSO = on the xn-interface seems to help. >=20 >> - IPSEC-enabled Kernel TCP Performance drops from ~10 Gbit/s to ~200 >> Mbit/s (iperf). >>=20 >=20 > Are you saying FreeBSD non-IPSEC kernel can do 10Gbit/s TCP = performance, > but IPSEC kernel immediately drops it to 200Mbit/s? As for the apparent performance drop with IPSEC enabled Kernels without = security associations installed, i am unable to reproduce this now, not = on 10.0 or 10.1 nor 10 STABLE. Only when actually _using_ IPSec the = performance drops from ~10Gb/s to around ~200Mb/s whether actually = encrypting esp traffic or not. This clearly must have been a mistake on my side, although i could have = sworn that i checked this two times before asking on the forums and the = -net mailing list a few weeks ago. Well then, i am sincerely sorry about = this one. > _______________________________________________ > freebsd-xen@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-xen > To unsubscribe, send any mail to "freebsd-xen-unsubscribe@freebsd.org" From owner-freebsd-xen@freebsd.org Wed Jul 15 07:44:10 2015 Return-Path: Delivered-To: freebsd-xen@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 59B8D9A239C for ; Wed, 15 Jul 2015 07:44:10 +0000 (UTC) (envelope-from kp@FreeBSD.org) Received: from venus.codepro.be (venus.codepro.be [IPv6:2a01:4f8:162:1127::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "*.codepro.be", Issuer "Gandi Standard SSL CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 218D514A1; Wed, 15 Jul 2015 07:44:10 +0000 (UTC) (envelope-from kp@FreeBSD.org) Received: from [192.168.18.125] (unknown [81.83.8.162]) by venus.codepro.be (Postfix) with ESMTPSA id C514811AB2; Wed, 15 Jul 2015 09:44:04 +0200 (CEST) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2102\)) Subject: Re: Networking under Xen From: Kristof Provost In-Reply-To: <1436901780.3211878.323698017.360F8D73@webmail.messagingengine.com> Date: Wed, 15 Jul 2015 09:44:02 +0200 Cc: Colin Percival , freebsd-xen@freebsd.org, gnn@freebsd.org Content-Transfer-Encoding: quoted-printable Message-Id: <20F2398D-ECDF-4CF4-966D-18C894779C4C@FreeBSD.org> References: <4E7B7075-4E0D-4EA7-9F5D-6D252CFBD487@gmail.com> <1436890526.3162974.323521249.6B73E6E2@webmail.messagingengine.com> <55A55AE8.4090101@freebsd.org> <1436901780.3211878.323698017.360F8D73@webmail.messagingengine.com> To: Mark Felder X-Mailer: Apple Mail (2.2102) X-BeenThere: freebsd-xen@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Discussion of the freebsd port to xen - implementation and usage List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 15 Jul 2015 07:44:10 -0000 > On 14 Jul 2015, at 21:23, Mark Felder wrote: > On Tue, Jul 14, 2015, at 13:54, Colin Percival wrote: >> On 07/14/15 09:15, Mark Felder wrote: >> More precisely *pf* is a known issue. It's inserting TCP checksums >> into TSO packets. I reported this a long time ago and I don't know >> why pf still hasn't been fixed. >>=20 >=20 > I think Kristof may have solved this in HEAD with all of the care and > feeding he has been doing to pf, but I haven't verified. >=20 I wouldn=E2=80=99t expect so. As far as I know I=E2=80=99ve not fixed = anything TSO or checksum related. In fact, https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D172648 is at the top of my TODO list right now. Regards, Kristof= From owner-freebsd-xen@freebsd.org Wed Jul 15 07:55:43 2015 Return-Path: Delivered-To: freebsd-xen@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 522AB9A258E for ; Wed, 15 Jul 2015 07:55:43 +0000 (UTC) (envelope-from bounces+73574-0602-freebsd-xen=freebsd.org@sendgrid.net) Received: from o3.shared.sendgrid.net (o3.shared.sendgrid.net [208.117.48.85]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E6BE61D26 for ; Wed, 15 Jul 2015 07:55:42 +0000 (UTC) (envelope-from bounces+73574-0602-freebsd-xen=freebsd.org@sendgrid.net) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sendgrid.info; h=from:mime-version:to:cc:subject:references:in-reply-to:content-type:content-transfer-encoding; s=smtpapi; bh=30ICWjc1YAus4ITRLmYtRMvh00E=; b=NETxeMlnb9me1oRXh2 ZfrsctIxyXdM3unOuu2nVBeWN5gSxNUWV3Qgah/KoC4uJbt8vcoDr1CGDt5NYwfA +behcUQ2yuQkImRNihYCb5aCKqF/1bW2kcfnyNjUhd8246cKu7GjbpvB2a3SFa5n tfDh1IXmpErYk+ljpLV0ZiDiQ= Received: by filter0449p1mdw1.sendgrid.net with SMTP id filter0449p1mdw1.6727.55A611DD10 2015-07-15 07:55:39.775588366 +0000 UTC Received: from ismtpd-034.iad1.sendgrid.net ([UNAVAILABLE]. [10.42.2.122]) by 10.42.243.103:2500 (trex/5.2.14); Wed, 15 Jul 2015 07:55:40 GMT Received: from mail.tarsnap.com (ec2-54-86-246-204.compute-1.amazonaws.com [54.86.246.204]) by ismtpd-034 (SG) with ESMTP id 14e90b63e3d.2f72.341ec9 for ; Wed, 15 Jul 2015 07:55:39 +0000 (UTC) Received: (qmail 44729 invoked from network); 15 Jul 2015 07:51:51 -0000 Received: from unknown (HELO clamshell.daemonology.net) (127.0.0.1) by ec2-107-20-205-189.compute-1.amazonaws.com with ESMTP; 15 Jul 2015 07:51:51 -0000 Received: (qmail 1373 invoked from network); 15 Jul 2015 07:54:25 -0000 Received: from unknown (HELO clamshell.daemonology.net) (127.0.0.1) by clamshell.daemonology.net with SMTP; 15 Jul 2015 07:54:25 -0000 Message-ID: <55A611B1.6000000@freebsd.org> Date: Wed, 15 Jul 2015 00:54:25 -0700 From: Colin Percival User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0 MIME-Version: 1.0 To: Kristof Provost , Mark Felder CC: freebsd-xen@freebsd.org, gnn@freebsd.org Subject: Re: Networking under Xen References: <4E7B7075-4E0D-4EA7-9F5D-6D252CFBD487@gmail.com> <1436890526.3162974.323521249.6B73E6E2@webmail.messagingengine.com> <55A55AE8.4090101@freebsd.org> <1436901780.3211878.323698017.360F8D73@webmail.messagingengine.com> <20F2398D-ECDF-4CF4-966D-18C894779C4C@FreeBSD.org> In-Reply-To: <20F2398D-ECDF-4CF4-966D-18C894779C4C@FreeBSD.org> Content-Type: text/plain; charset=utf-8 content-transfer-encoding: quoted-printable X-SG-EID: RUbAm5H8PjswBj/QH+sYVehaJogg3iBnZcyVi1bw/IyyYeagdPI4iqP7Yc4brDHRt3Gat+r6u/rb9B XHSDv2JigFY3Gdw2kYvDeg80o+Ey4hQV+FFHfNx8GIOtMn/TMfzC4eIO1bkv83+xo1w8PZXwl+8qux 6cUnKRjtP3jPn5wG20QJFDRnW7Jh7ZvcWGqb X-BeenThere: freebsd-xen@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Discussion of the freebsd port to xen - implementation and usage List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 15 Jul 2015 07:55:43 -0000 On 07/15/15 00:44, Kristof Provost wrote:=0D >> On 14 Jul 2015, at 21:23, Mark Felder wrote:=0D >> On Tue, Jul 14, 2015, at 13:54, Colin Percival wrote:=0D >>> More precisely *pf* is a known issue. It's inserting TCP checksums=0D >>> into TSO packets. I reported this a long time ago and I don't know=0D >>> why pf still hasn't been fixed.=0D >>=0D >> I think Kristof may have solved this in HEAD with all of the care and=0D >> feeding he has been doing to pf, but I haven't verified.=0D >=0D > I wouldn=E2=80=99t expect so. As far as I know I=E2=80=99ve not fixed any= thing TSO or=0D > checksum related.=0D =0D In my tests, deleting these lines from pf_ioctl.c=0D =0D 3570 /* We need a proper CSUM befor we start (s. OpenBSD ip_output) */=0D 3571 if ((*m)->m_pkthdr.csum_flags & CSUM_DELAY_DATA) {=0D 3572 in_delayed_cksum(*m);=0D 3573 (*m)->m_pkthdr.csum_flags &=3D ~CSUM_DELAY_DATA;=0D 3574 }=0D =0D unbreaks pf+TSO on EC2 instances. I'm not entirely sure why these lines=0D are there in the first place, which is why I didn't want to simply go in=0D and remove them -- but it may be that wrapping those lines in something=0D like "if ((csum_flags & CSUM_TSO) =3D=3D 0)" would solve the problem withou= t=0D breaking anything else.=0D =0D -- =0D Colin Percival=0D Security Officer Emeritus, FreeBSD | The power to serve=0D Founder, Tarsnap | www.tarsnap.com | Online backups for the truly paranoid From owner-freebsd-xen@freebsd.org Fri Jul 17 19:03:01 2015 Return-Path: Delivered-To: freebsd-xen@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E40C09A4D22 for ; Fri, 17 Jul 2015 19:03:01 +0000 (UTC) (envelope-from jeroen@dckd.nl) Received: from positron.dckd.nl (positron.dckd.nl [IPv6:2a02:898:62:f6::63]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A7F7A11C8 for ; Fri, 17 Jul 2015 19:03:01 +0000 (UTC) (envelope-from jeroen@dckd.nl) Received: from [IPv6:2001:610:6a1::62f8:1dff:fecd:35e6] (unknown [IPv6:2001:610:6a1:0:62f8:1dff:fecd:35e6]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by positron.dckd.nl (Postfix) with ESMTPSA id E1B4415008E for ; Fri, 17 Jul 2015 19:03:09 +0200 (CEST) From: Jeroen van der Ham Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Subject: Xen console on 10.1 DomU Message-Id: <4C92646F-4307-4A45-B35E-DFBD09A71313@dckd.nl> Date: Fri, 17 Jul 2015 21:02:57 +0200 To: freebsd-xen@freebsd.org Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2102\)) X-Mailer: Apple Mail (2.2102) X-BeenThere: freebsd-xen@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Discussion of the freebsd port to xen - implementation and usage List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 17 Jul 2015 19:03:02 -0000 Hi, What is the current way of getting a xen console on a FreeBSD 10.1 DomU? I=E2=80=99ve been searching on: * https://wiki.freebsd.org/FreeBSD/Xen (reasonably up to date, but has = no info on console) * http://wiki.xen.org (completely outdated, =E2=80=9Cofficial=E2=80=9D = documentation points to installation of FreeBSD 7.2(!)) I found instructions to add a line to /boot/loader.conf = (console=3D"comconsole=E2=80=9D) or a line to /etc/ttys (xc0 "/usr/libexec/getty Pc" vt100 = on secure) But in either case I am getting an error on the Linux Dom0: xenconsole: Could not read tty from store: No such file or directory Is it still possible to get a console from a Linux Dom0? How? What would be the best place to publish instructions for that? Thanks, Jeroen.