LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 09-11-2014, 03:35 PM   #1
nbriozzo
LQ Newbie
 
Registered: Sep 2014
Posts: 2

Rep: Reputation: Disabled
Corrupted MAC on input error while logged on an Open Swan VPN


Hello, this is my first post here so apologies in advance if there's lack of data or formatting, i'll do my best.

So the issue is the following: I have several Ubuntu servers running on a AWS environment and i have installed one with Open Swan so other users may login into them via VPN (using ssh from their laptops, most of them are Airbooks)

One issue i have noted is that while they are logged via VPN and run a command that has a lot of output (like a find /), the screen will eventually show:

Code:
Corrupted MAC on input.
Disconnecting: Packet corrupt
And then it will drop the ssh connection. This is not totally preventing them to do their jobs, but it is fairly annoying. As an additional data, i have logged in into the servers through an external/elastic IP instead of the VPN and i'm able to see all the output of all commands (also, the connection/response seems faster at this way).

I have checked a few forums in which they have talked about Checksum Offloading but i'm not sure if it will apply in this case. Please let me know if you need further information to help me on this matter.

Regards

Last edited by nbriozzo; 09-11-2014 at 03:37 PM.
 
Old 09-11-2014, 08:39 PM   #2
jefro
Moderator
 
Registered: Mar 2008
Posts: 21,974

Rep: Reputation: 3623Reputation: 3623Reputation: 3623Reputation: 3623Reputation: 3623Reputation: 3623Reputation: 3623Reputation: 3623Reputation: 3623Reputation: 3623Reputation: 3623
Thought I was right. checksum offload in nic causes a bogus mac. While checksum offload is great for reducing cpu load it also causes an oddity. It forces a mac to the host since all the work was really done in nic. Wireshark will also show this oddity.

http://serverfault.com/questions/338...put-disconnect
 
Old 09-12-2014, 12:11 PM   #3
nbriozzo
LQ Newbie
 
Registered: Sep 2014
Posts: 2

Original Poster
Rep: Reputation: Disabled
root@server$ethtool --show-offload eth0
Offload parameters for eth0:
rx-checksumming: off
tx-checksumming: off
scatter-gather: off
tcp-segmentation-offload: off
udp-fragmentation-offload: off
generic-segmentation-offload: off
generic-receive-offload: off
large-receive-offload: off
rx-vlan-offload: off
tx-vlan-offload: off
ntuple-filters: off
receive-hashing: off

This is the VPN server where i get the IP. I've run commands to disable checksum, but i still get the "Corrupted MAC on input, Disconnecting: Packet corrupt" error.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
sftp problem: corrupted mac on input ills0n Linux - Networking 1 01-11-2005 01:10 PM
Disconnecting: Corrupted MAC input basbosco Linux - Networking 0 11-07-2003 01:06 AM
disconnecting: Corrupted MAC on input basbosco Linux - Security 1 11-05-2003 01:54 AM
ssh & sftp, DISCONNECTED:corrupted MAC on input frieza Linux - Networking 6 02-16-2003 09:41 PM
VPN (Free/Swan) abbah Linux - Security 1 05-28-2001 09:32 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 11:27 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration