Re: vtnet rxcsum broken for forwarding RELENG_13 ?

From: Matt Garber <>
Date: Tue, 12 Apr 2022 20:08:29 UTC
On Tue, Apr 12, 2022 at 4:01 PM Patrick M. Hausen <> wrote:

> Hi Kristof, hi all,
> > Am 12.04.2022 um 21:48 schrieb Kristof Provost <>:
> > That PF checksum issue was fixed
> c110fc49da2995d10d60d908af0838ecb4be9bee, back in 2015.
> I still have abysmal performance with pf NAT in a DigitalOcean droplet
> running 13.1-RC2 unless I configure:
>         ifconfig_vtnet0="-rxcsum -txcsum -rxcsum6 -txcsum6"
> I can give you SSH access, if needed.
> Kind regards,
> Patrick

Same for me, on 12.x RELEASEs, and I’d previously tested on Digital Ocean
and Google Compute Platform infrastructure. While I don’t doubt that some
issues with TCP checksums have potentially been resolved, there are still
unresolved performance problems using the vtnet driver (VirtIO, KVM host)
unless checksums are disabled.

This might only be specific to NAT/forwarding at this point, as I realized
my setup also involved PF NAT’ing on cloned loopback interfaces for
non-VNET jailed services.

Also note that other KVM setups using drivers other than vtnet don’t seem
to have the same problem, at least based on the alternatives I tested —
e.g., AWS Nitro KVM instances are unaffected as they’re using the Elastic
Network Adapters.