Created
January 21, 2013 05:27
-
-
Save mokomull/4583817 to your computer and use it in GitHub Desktop.
dhcp checksum offload workaround
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| diff --git a/modules/vpssd/templates/compute_firewall.erb b/modules/vpssd/templates/compute_firewall.erb | |
| index 5b69f24..89a7f80 100644 | |
| --- a/modules/vpssd/templates/compute_firewall.erb | |
| +++ b/modules/vpssd/templates/compute_firewall.erb | |
| @@ -6,20 +6,27 @@ | |
| :POSTROUTING ACCEPT [0:0] | |
| COMMIT | |
| # Completed on Sat Oct 6 19:51:27 2012 | |
| # Generated by iptables-save v1.4.12 on Sat Oct 6 19:51:27 2012 | |
| *mangle | |
| :PREROUTING ACCEPT [0:0] | |
| :INPUT ACCEPT [0:0] | |
| :FORWARD ACCEPT [0:0] | |
| :OUTPUT ACCEPT [0:0] | |
| :POSTROUTING ACCEPT [0:0] | |
| + | |
| +# fix checksums for DHCP, since guest offloading the computation to the host | |
| +# does not actually set the field when the DHCP client is on the same compute | |
| +# node as the DHCP server | |
| +-A POSTROUTING -p udp -m udp --dport 67 -j CHECKSUM --checksum-fill | |
| +-A POSTROUTING -p udp -m udp --sport 67 -j CHECKSUM --checksum-fill | |
| + | |
| COMMIT | |
| # Completed on Sat Oct 6 19:51:27 2012 | |
| # Generated by iptables-save v1.4.12 on Sat Oct 6 19:51:27 2012 | |
| *filter | |
| :INPUT ACCEPT [0:0] | |
| :FORWARD ACCEPT [0:0] | |
| :OUTPUT ACCEPT [0:0] | |
| :input - [0:0] | |
| :forward - [0:0] | |
| :reject - [0:0] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment