- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
When using Intel E810-XXVDA4, there is an issue where rx_errors easily increases due to attack packets.
After some investigation, I found that the E810 controller counts the checksum errors separately for each layer, with separate counters.
See
- Intel ® Ethernet Controller E810 Datasheet
- https://www.intel.co.jp/content/www/jp/ja/content-details/613875/intel-ethernet-controller-e810-datasheet.html
- 7.6.3.1 Status/Error.0 Field
- 7.6.3.2 Status/Error.1 Field
On the other hand, the 'ice' driver aggregated the checksum errors from all network layers into 'hw_csum_rx_error'.
See
- https://github.com/torvalds/linux/blob/v6.13/drivers/net/ethernet/intel/ice/ice_txrx_lib.c#L122-L150
At last, 'hw_csum_rx_error' is added to 'rx_errors'.
See
- https://github.com/torvalds/linux/blob/v6.13/drivers/net/ethernet/intel/ice/ice_main.c#L6976-L6990
Normally, a broken NIC can be identified by an increment in the 'rx_length_errors' value.
However, it can be a problem if there is a slight contact failure (such as compatibility issues between GIGABYTE servers and Intel genuine NICs).
In this case, only the checksum error counter will increase, making it impossible to distinguish between a poor connection and an attack packet.
This causes problems in hardware monitoring operations.
Is it possible to separate the IP/TCP bad checksum counters from 'rx_errors' in the 'ice' driver implementation?
Link Copied

- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page