Join Log in
Score:1
maurice77 avatar Server

Why do UDP packets generated by Linux running in a virtual machine have defective UDP checksums?

cv flag
maurice77

I've set up some interconnected qemu VMs to test out port forwarding rules. For now, my current blocker is much simpler and has nothing to do with port forwarding. When I send a UDP packet from a go program through the Linux OS, it is flagged as having a bad checksum by tcpdump on the interface from within the OS itself (before it has even gone through any bridging/gateways/etc). Is this expected/normal? Is there a fix for it?

16:37:22.899722 IP (tos 0x0, ttl 64, id 9829, offset 0, flags [DF], proto UDP ()
    192.168.0.2.36793 > 22.22.22.22.20000: [bad udp cksum 0xecf9 -> 0x989f!] UD0
        0x0000:  0200 0000 0202 0200 0000 0401 0800 4500
        0x0010:  0026 2665 4000 4011 278c c0a8 0002 1616
        0x0020:  1616 8fb9 4e20 0012 ecf9 5049 4e47 5f42
        0x0030:  5954 4553

For additional context, the networking device that the packet is going through is pci virtio, connected to a tap device.

Editing to add the output of ethtool -k:

# ethtool -k eth1
Features for eth1:
rx-checksumming: on [fixed]
tx-checksumming: on
        tx-checksum-ipv4: off [fixed]
        tx-checksum-ip-generic: on
        tx-checksum-ipv6: off [fixed]
        tx-checksum-fcoe-crc: off [fixed]
        tx-checksum-sctp: off [fixed]
scatter-gather: on
        tx-scatter-gather: on
        tx-scatter-gather-fraglist: off [fixed]
tcp-segmentation-offload: on
        tx-tcp-segmentation: on
        tx-tcp-ecn-segmentation: on
        tx-tcp-mangleid-segmentation: off
        tx-tcp6-segmentation: on
generic-segmentation-offload: on
generic-receive-offload: on
large-receive-offload: off [fixed]
rx-vlan-offload: off [fixed]
tx-vlan-offload: off [fixed]
ntuple-filters: off [fixed]
receive-hashing: off [fixed]
highdma: on [fixed]
rx-vlan-filter: on [fixed]
vlan-challenged: off [fixed]
tx-lockless: off [fixed]
netns-local: off [fixed]
tx-gso-robust: on [fixed]
tx-fcoe-segmentation: off [fixed]
tx-gre-segmentation: off [fixed]
tx-gre-csum-segmentation: off [fixed]
tx-ipxip4-segmentation: off [fixed]
tx-ipxip6-segmentation: off [fixed]
tx-udp_tnl-segmentation: off [fixed]
tx-udp_tnl-csum-segmentation: off [fixed]
tx-gso-partial: off [fixed]
tx-tunnel-remcsum-segmentation: off [fixed]
tx-sctp-segmentation: off [fixed]
tx-esp-segmentation: off [fixed]
tx-udp-segmentation: off [fixed]
tx-gso-list: off [fixed]
fcoe-mtu: off [fixed]
tx-nocache-copy: off
loopback: off [fixed]
rx-fcs: off [fixed]
rx-all: off [fixed]
tx-vlan-stag-hw-insert: off [fixed]
rx-vlan-stag-hw-parse: off [fixed]
rx-vlan-stag-filter: off [fixed]
l2-fwd-offload: off [fixed]
hw-tc-offload: off [fixed]
esp-hw-offload: off [fixed]
esp-tx-csum-hw-offload: off [fixed]
rx-udp_tunnel-port-offload: off [fixed]
tls-hw-tx-offload: off [fixed]
tls-hw-rx-offload: off [fixed]
rx-gro-hw: on
tls-hw-record: off [fixed]
rx-gro-list: off
macsec-hw-offload: off [fixed]
rx-udp-gro-forwarding: off
hsr-tag-ins-offload: off [fixed]
hsr-tag-rm-offload: off [fixed]
hsr-fwd-offload: off [fixed]
hsr-dup-offload: off [fixed]
121
1 + 0
Score:2
Peter Zhabin avatar Server
cn flag
Peter Zhabin

This is expected behavior, as UDP checksums are hardware offloaded by default and your packet would get a correct checksum once it goes out some real interface.

With tcpdump you're looking at packets that haven't got to hardware yet, so they don't have proper checksum assigned.

+ 1
maurice77 avatar
cv flag
maurice77
Seems it needs `ethtool -K eth1 tx-checksumming off` to disable the hardware offload, which does not work properly for some reason (as determined by tcpdump on a bridge interface connecting two VMs). Thanks for pointing me in the direction of the hardware offload.
1
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.