Re: [PATCH v2] network: add rule to nftables backend that zeroes checksum of DHCP responses

On Mon, Oct 28, 2024 at 06:07:14PM +0000, Daniel P. Berrangé wrote: The boot log contains Starting dhcpcd. wm0: checksum failure from 192.168.124.1 so I guess the second implementation is the relevant one. I'm using Debian GNU/Hurd, so the DHCP client is the same as regular Debian (ISC DHCP). The source can be found at https://deb.debian.org/debian-ports/pool-hurd-i386/main/i/isc-dhcp/ The version is a bit old and there's the tiniest amount of patching compared to the Linux build, specifically: --- isc-dhcp-4.4.3-P1-1.1/debian/patches/bind-fix 1970-01-01 01:00:00.000000000 +0100 +++ isc-dhcp-4.4.3-P1-1.1+hurd.1/debian/patches/bind-fix 2023-02-15 15:39:49.000000000 +0100 @@ -0,0 +1,26 @@ +Index: isc-dhcp-4.4.3-P1-build/bind/bind-9.11.36/lib/isc/unix/socket.c +=================================================================== +--- isc-dhcp-4.4.3-P1-build.orig/bind/bind-9.11.36/lib/isc/unix/socket.c ++++ isc-dhcp-4.4.3-P1-build/bind/bind-9.11.36/lib/isc/unix/socket.c +@@ -2633,7 +2633,7 @@ opensocket(isc__socketmgr_t *manager, is + char strbuf[ISC_STRERRORSIZE]; + const char *err = "socket"; + int tries = 0; +-#if defined(USE_CMSG) || defined(SO_BSDCOMPAT) || defined(SO_NOSIGPIPE) ++#if 1 + int on = 1; + #endif + #if defined(SO_RCVBUF) I'm not sure whether this could be relevant to the issue at hand. To clarify, this is something that needs to be handled at the userspace level, no kernel changes required? And clearly it affects DHCP, but what about other protocols? Are we confident those will cope just fine? -- Andrea Bolognani / Red Hat / Virtualization