[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] Questions about XSA39


  • To: xen-devel@xxxxxxxxxxxxx
  • From: Nick Pegg <npegg@xxxxxxxxxx>
  • Date: Thu, 28 Feb 2013 15:36:15 -0500
  • Delivery-date: Thu, 28 Feb 2013 20:36:49 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xen.org>

Hi Xen developers,

I had some questions regarding XSA39, and I hope you all can answer them.

We've been rolling out some hosts with the XSA39 patch applied and have
come across a problem where a few of our customer DomUs keep hitting the
conditions which call netbk_fatal_tx_err(), mostly "Frag is bigger than
frame." These specific DomUs hit it repeatedly, between once every few
hours to every few days, and the customers say that they're sending
legitimate traffic (which I'm inclined to believe is true).

If the XSA39 protection is this easy to hit under normal circumstances,
should the solution really be as harsh as disconnecting the vif? Would
it be possible to just drop the packet(s) without causing netback to
spin while processing them?

FWIW, I have gotten a pcap dump from one of the customers facing this
problem. Wireshark does complain about a UDP packet in the sample being
too large (65538 bytes, over the max of 65535). Could this packet
possibly be the culprit? Unfortunately Wireshark refuses to load in the
packet, so I have not yet been able to dissect it.


Thanks in advance,

-Nick

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.