Re: ipsec doesn't route TCP with 4.11 kernel

From: Eric Dumazet
Date: Fri Apr 28 2017 - 12:47:05 EST

Next message: Rob Herring: "Re: [PATCH v2] power: tps65217_charger: Add properties like voltage and current charge"
Previous message: Chris Brandt: "RE: [PATCH v5 01/10] pinctrl: generic: Add bi-directional and output-enable"
In reply to: Steffen Klassert: "Re: ipsec doesn't route TCP with 4.11 kernel"
Next in thread: Don Bowman: "Re: ipsec doesn't route TCP with 4.11 kernel"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 2017-04-28 at 09:13 +0200, Steffen Klassert wrote:
> encap type espinudp sport 4500 dport 4500 addr 0.0.0.0
>
> Ok, this is espinudp. This information was important.

> This is not a GRO issue as I thought, the TX side is already broken.
>
> Could you please try the patch below?
>
> Subject: [PATCH] esp4: Fix udpencap for local TCP packets.
>
> Locally generated TCP packets are usually cloned, so we
> do skb_cow_data() on this packets. After that we need to
> reload the pointer to the esp header. On udpencap this
> header has an offset to skb_transport_header, so take this
> offset into account.

It looks like locally generated TCP packets could avoid the
skb_cow_data(), if you were using skb_header_cloned() instead of
skb_cloned() ?

Next message: Rob Herring: "Re: [PATCH v2] power: tps65217_charger: Add properties like voltage and current charge"
Previous message: Chris Brandt: "RE: [PATCH v5 01/10] pinctrl: generic: Add bi-directional and output-enable"
In reply to: Steffen Klassert: "Re: ipsec doesn't route TCP with 4.11 kernel"
Next in thread: Don Bowman: "Re: ipsec doesn't route TCP with 4.11 kernel"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]