From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040510 Description of problem: When using cisco vpn client 4.0.4 and kernel 2.6.6-1.435 with e1000 driver a DNS request will fail with a checksum error at the DNS server. Other network based operations will work fine but not dns (possibly other udp based connections will fail but have not tested any other). This seems to be specific to the e1000 driver as connections made using ipw2100 wireless driver will work ok, have also tested on another machine running same kernel release but using the e100 driver which also works, also this problem was not there in 2.6.5-1.358 kernel release. I have attached a file containing an extract from a network monitoring application (not sure what it is I didn't run the trace). I should stress that this only manifests itself when connecting through the cisco vpnclient normal non-ipsec tunnel operation works a expected. Version-Release number of selected component (if applicable): kernel-2.6.6-1.435 How reproducible: Always Steps to Reproduce: 1. Connect to vpn concentrator using cisco vpnclient 4.0.4 2. run dig @server www.theregister.co.uk 3. Actual Results: Dig will report timeout error. Expected Results: Resolve host. Additional info: My machine is a Tecra M1 run FC2 lspci output is attached.
Created attachment 101473 [details] Network trace for DNS request
Created attachment 101474 [details] output from lspci -v
this is a long standing bug in the cisco vpn binary module where it doesn't deal correctly with zero copy networking and corrupts checksums. Please file this with cisco not us, there's nothing we can do. (and fwiw, your wireless card isn't doing zero copy networking so doesn't see the issue) *** This bug has been marked as a duplicate of 78616 *** *** This bug has been marked as a duplicate of 78616 ***
Ok thanks, but I have one question what changed between 2.6.5-1.358 and 2.6.6-1.435 to bring out this bug?
I had the same problem with generic kernel 2.6.7 and solved it by switching off the checksumming for the NIC: ethtool -K eth0 tx off
*** Bug 157147 has been marked as a duplicate of this bug. ***
Changed to 'CLOSED' state since 'RESOLVED' has been deprecated.