broken ip checksum after frag reassemble of nfs READDIR?

Adam McDougall mcdouga9 at
Sun Apr 2 20:02:43 UTC 2006

On Sun, Apr 02, 2006 at 03:33:46PM -0400, Adam McDougall wrote:

  On Sun, Apr 02, 2006 at 11:56:09AM -0400, Adam McDougall wrote:
  the command hangs, not receiving a valid reply due to a bad checksum on the nfs READDIR
  reply: (tcpdump on the client system, I made sure I ifconfig em0 -txcsum -rxcsum and client
  mtu is also 8000 now for testing)
  15:10:16.437881 IP (tos 0x0, ttl  64, id 33816, offset 0, flags [none], proto: UDP (17), length: 152) > 124 readdir [|nfs]
  15:10:16.438360 IP (tos 0x0, ttl  63, id 10076, offset 0, flags [none], proto: UDP (17), length: 
  6328, bad cksum b721 (->a445)!) > reply ok 6300 readdir POST: 
  DIR 1777 ids 0/0 [|nfs]

... I just remembered that FreeBSD's mount_nfs uses udp by default and I should try
tcp mounts.  I just tested tcp and it works fine, because the nfs server appears to
send out individual non-frag TCP packets, properly sized until the total data is sent,
thus no reassembly is required by pf, and no new packet is produced, thus the checksum
is fine.

In my environment (before pf was introduced), TCP NFS is practically required anyway,
so I don't care if UDP NFS works, but we should probably try to figure out if frag
reassembly over a bridge is broken because it ought to work.

More information about the freebsd-pf mailing list