Bug 119816 - Broadcom driver/kernel Modul tg3 does not work propperly while using Cisco VPN Client
Broadcom driver/kernel Modul tg3 does not work propperly while using Cisco VP...
Status: CLOSED WONTFIX
Product: Fedora
Classification: Fedora
Component: kernel (Show other bugs)
1
i686 Linux
medium Severity high
: ---
: ---
Assigned To: Arjan van de Ven
Brian Brock
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2004-04-02 05:45 EST by Jens Ziemann
Modified: 2007-11-30 17:10 EST (History)
7 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-04-05 07:14:56 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Jens Ziemann 2004-04-02 05:45:52 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; de-AT; rv:1.4.1)
Gecko/20031114

Description of problem:
What I want: to get my eMails prom pobox.stuttgart.redhat.com trhough
Cisco VPN Client via port 993 - IMAP-SSL

Machine:
- Dell Latitude D800
- complete
- NIC onboard Broadcom - LSPIC

    Bus  2, device   0, function  0:
    Ethernet controller: Broadcom Corporation NetXtreme BCM5705M 
    Gigabit Ethernet (rev 1).  IRQ 11.
    Master Capable.  Latency=32.  Min Gnt=64.
    Non-prefetchable 64 bit memory at 0xfaff0000 [0xfaffffff].

Description:

- Sitting at home connected through a DSL line.
- firing up the Cisco VPN client to connect the Red Hat intranet.
- I�m able to ping, to our stuttgart mailserver
pobox.stuttgart.redhat.com, starting evolution 1.4.5 and login in
shows me just the amount of new eMail, no headers and no way to access
the eMails in my inbox or even to get any mails to my local machine.
- I have tried all the cisco VPN clients tha IS offers through
kickstart.rdu.redhat.com but prob still exists  
- the funny thing is that I can connect to a big bunch of other
internal machines w/o a prob through http/https/ping/ssh, ....

- yesterday night I took the most actual driver from the broadcom
Website, which is: bcm57xx-linux-7.1.22.zip
- unzipping the file gave me a src-rpm file, build the RPM, installed
it and fixed manually the wrong perms of the new module bcm5700.o.

Unloading the tg3 module and loading the bcm5700.0 made all probs go
away!!!

hope this is specific enough ;-)

cheers
jens



Version-Release number of selected component (if applicable):
kernel-2.4.22-1.2174.nptl

How reproducible:
Always

Steps to Reproduce:
see above!
    

Actual Results:  tg3 module/driver does not work propperly

Expected Results:  either make tg3 module/driver work or exchange with
broadcom driver ;-)

Additional info:

I fear this will happen to RHEL3 and FC2 as well - but not tested ;-)
BTW: On RHL 9 everything worked fine.
Comment 1 Arjan van de Ven 2004-04-02 06:07:05 EST

*** This bug has been marked as a duplicate of 78616 ***
Comment 2 Jens Ziemann 2004-04-02 08:05:14 EST
Hi Arjan,

not that easy ;-) As far as I understood tg3 is not binary, so please
fix that problem that I can use my Notebook without the broadcom driver.

On this:

I have double checked inside the RPM-Pack of the Broadcom driver in a
file License, after installing it lies on:
/usr/share/doc/bcm5700-7.1.22/Licenses which includes the GPL 2

==> are you sure this is binary only ???


cheers
Jens
Comment 3 Arjan van de Ven 2004-04-02 08:09:11 EST
the cisco stuff is binary only and afaics only that doesn't work. Case
closed.
Comment 4 Jens Ziemann 2004-04-02 08:31:56 EST
so ... everyone who has a Broadcom card/chip on his/her machine is not
able to get his/her eMails propperly?

ignoring instead fixin is a good way to stabilize our own products ;-)

so lets pass this over to IS than.

thanx for your help anyway

Jens
Comment 5 Arjan van de Ven 2004-04-02 08:47:07 EST
it's not a tg3 bug until you can reproduce it without any binary only
modules loaded. Which so far you haven't.
Comment 6 Jens Ziemann 2004-04-02 08:54:41 EST
sooo... the solution must be to have a opensource replacement for the
Cisco VPN stuff... something around that works.
My only or initial intention was to have access to my emails from
outside the red hat intranet.

cheers
Jens
Comment 7 Jens Ziemann 2004-04-05 07:13:24 EDT
Sorry to bother you again, but....

please have a look at 118962, just talked with Niels Happel, one of
our Trainers & Consultants, he found also some strange behaviours of
TG3, while in a consulting Project with a big german bank. Replacing
TG3 by the Broadcom driver made everything work like it should. I also
heard from anonther consultant probs with TG3 but due to Daniels
holidays had not chance to talk to him.
Looks pretty much like our TG3 need a bit polish, does not matter if
CiscoVPNCLienst or not ;-)

cheers
Jens

Comment 8 Fuji TSO 2004-05-21 07:14:04 EDT
I've been pestering Cisco on this issue. Here's what they have to say:

"Since the tg3 driver is new, there have been a number of issues that 
it has introduced.  A Google search will reveal that it's not just 
VPN that's affected.  One of the big differences between the VPN 
Client and other applications is that the VPN Client modifies the 
packet directly so that the size of the packet does not match the MTU 
setting of the machine when it reaches the ethernet driver.  The VPN 
Client has overhead it needs to add so it lowers the MTU setting on 
the workstation as soon as it makes a client connection so that when 
it adds it's data, the final packet comes out to a size that won't 
need to be fragmented by the ethernet driver."

I'm a bit skeptical, especially since they claim the driver is new 
when it dates back at least as far as RH8, but, maybe this 
information will cause someone to go "hmmm... Oh yeah!"?
Comment 9 Arjan van de Ven 2004-05-21 07:16:22 EDT
it sure does ;)
tg3 is one of the drivers that does zero copy networking and checksum
offloading. "that the VPN Client modifies the  packet directly"
That is illegal in linux and breaks for zerocopy networking.

Oh well. vpnc works and people are making the in kernel ipsec talk to
cisco boxes. 
Comment 10 Rod Nayfield 2005-05-07 12:18:39 EDT
Similar to 157147 issue with cisco zero-copy (does not cause issues when vpn is
not used)

Turning off all offloading seems to fix on the e1000.
# ethtool -K eth1 tx off
# ethtool -K eth1 rx off
# ethtool -K eth1 sg off
# ethtool -K eth1 tso off
Comment 11 Arjan van de Ven 2005-05-07 13:04:57 EDT
sure you avoid the most obvious data corruption by disabling zerocopy... I still
wouldn't trust my data to a system with this thing in though. Esp when there are
far more safe in this regard solutions around.
Comment 12 Fuji TSO 2005-05-09 06:49:37 EDT
FWIW, Cisco has finally come up with a VPN client that works. Version
4.6.02.0030-k9 seems to resolve all the issues I've run into.

Note You need to log in before you can comment on or make changes to this bug.