XEN: pciback.hide disabled?
Gawain Lynch
gawain.lynch at bigpond.com
Thu Jun 22 09:59:13 UTC 2006
Hi Gilboa,
> Thanks for the link. I should have found it myself.
> /me club myself in the head for not googling for it...
/me joins you for all the times I have mad the same mistake :-)
However I had to figure this on my own as Google was not of much help!
> I can't seem to find documentation of TCP checksum failure and/or
> security issues.
> Is it still true for recent (2.6.16/17) kernels?
The security issues are documented in the Xen Admin manual, PDF version.
The last time I looked the online HTML version omits the whole
pciback.hide thing, however it all still works as documented so it may
or may not still apply (it does here).
As for the checksuming issue, it still applies with 2.6.16-1.2133. I
have not tried the 2.6.17 in testing as it requires a newer Xen package
that had not hit testing this morning when I last checked. How did I
find out? `tcpdump -v -v -n -i ethX' will show the problem, and your
domU's will have issues communicating.
I also found this documented by Tom Eastep at
http://www.shorewall.net/XenMyWay.html
It may also just be the way I am doing it, but the domU's using the PCI
frontend driver *must* be up before other domU's or the will just fail
talking to the network. I am still working on this one...
Take care,
Gawain
More information about the fedora-devel-list
mailing list