Page MenuHomeFreeBSD

ipfw: NAT steal TH_RES1 bit, instead of TH_AE
ClosedPublic

Authored by rscheff on Nov 7 2022, 12:52 PM.
Tags
None
Referenced Files
Unknown Object (File)
Sun, Oct 27, 6:19 AM
Unknown Object (File)
Fri, Oct 18, 8:31 AM
Unknown Object (File)
Fri, Oct 18, 8:31 AM
Unknown Object (File)
Fri, Oct 18, 8:30 AM
Unknown Object (File)
Fri, Oct 18, 8:10 AM
Unknown Object (File)
Sep 25 2024, 10:18 AM
Unknown Object (File)
Sep 25 2024, 10:18 AM
Unknown Object (File)
Sep 24 2024, 6:43 PM

Details

Summary

Apparently the NAT module needs to track when the TCP checksum
has to be recalculated using TSO capable hardware. It used to
use the lowest bit of the tcphdr.th_x2 field. This now
collides with the use of this TCP header flag as AccECN (AE)
bit - and clearing it disables negotiation of AccECN across
a NAT device.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

The kernel part was tested with a NAT instance in my lab.

This revision is now accepted and ready to land.Nov 7 2022, 1:56 PM

FYI - The plan is also to MFC this to Stable/13 (prior to 13.2 release) and Stable/12