summary refs log tree commit diff stats
path: root/gitlab/issues_text/target_missing/host_missing/accel_missing/2962
diff options
context:
space:
mode:
Diffstat (limited to 'gitlab/issues_text/target_missing/host_missing/accel_missing/2962')
-rw-r--r--gitlab/issues_text/target_missing/host_missing/accel_missing/296222
1 files changed, 22 insertions, 0 deletions
diff --git a/gitlab/issues_text/target_missing/host_missing/accel_missing/2962 b/gitlab/issues_text/target_missing/host_missing/accel_missing/2962
new file mode 100644
index 000000000..43f4258c3
--- /dev/null
+++ b/gitlab/issues_text/target_missing/host_missing/accel_missing/2962
@@ -0,0 +1,22 @@
+DHCP UDP checksum workaround code appears to be broken
+Description of problem:
+I am running dnsmasq DHCP server in an lxc-container.  It is using a VETH pair for the network.  The VETH device on the host is in a bridge.  I create a TAP device and place it in the bridge.  When booting the guest, I notice that the DHCP OFFER has an invalid UDP checksum all the way through the bridge and into the guest.  I am able to fix this by disabling checksum offload inside the container, or adding an nftables rule that zeros out the checksum, or by reverting commit 7987d2be5a8bc3a502f89ba8cf3ac3e09f64d1ce.
+Steps to reproduce:
+1. From a debian 12 host, `apt-get install lxc lxc-templates`
+2. `ip link add brtest type bridge`
+3. `ip link set brtest up`
+4. Create a container: `lxc-create -n dhcp -t debian -- --package=dnsmasq`
+5. Edit the lxc container file `/var/lib/lxc/dhcp/config` and make sure the link is properly set to `lxc.net.0.link = brtest`, the type is set to `veth`, and give it an IP `lxc.net.0.ipv4.address = 192.168.255.1/24`
+6. Start the container: `lxc-start -n dhcp`
+7. Attach to the container: `lxc-attach -n dhcp`
+8. Stop dnsmasq and networking: `systemctl stop dnsmasq.service networking.service`
+9. Run a DHCP server: `dnsmasq --dhcp-authoritative --dhcp-range=192.168.255.2,192.168.255.254,255.255.255.0,1h --dns-loop-detect`
+10. Exit the container: `exit`
+11. Download the linux mint 22.1 installer: https://linuxmint.com/edition.php?id=319
+12. Create a TAP device and throw it in the bridge: `ip tuntap add dev taptest mode tap` .. `ip link set dev taptest up master brtest`
+13. Run qemu: `qemu-system-x86_64 -enable-kvm -smp 4,sockets=1,threads=1 -machine pc-q35-9.2,accel=kvm,kernel_irqchip=on -m 4096 -device virtio-net-pci,netdev=nic91 -netdev tap,id=nic91,ifname=taptest,script=no,downscript=no -cdrom linuxmint-22.1-cinnamon-64bit.iso` .. I run it with vnc as this is on a headless server.
+14. Once the guest has booted, you can run a tcpdump on the NIC and see that the guest receives the DHCP offer, but the UDP checksum is bunk.
+Additional information:
+I was able to test reverting the commit 7987d2be5a8bc3a502f89ba8cf3ac3e09f64d1ce and that appears to function once again.
+
+![image](/uploads/1d649230eabee269f78031eb0b2de265/image.png){width=901 height=38}