Bug 252015

Summary: Enabling LRO on network interfaces by default considered harmful
Product: Base System Reporter: Bob Bishop <rb>
Component: kernAssignee: freebsd-net (Nobody) <net>
Status: New ---    
Severity: Affects Some People CC: dms, erj, j.kelly.hays, kbowling, paul
Priority: ---    
Version: Unspecified   
Hardware: Any   
OS: Any   
See Also: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=254596

Description Bob Bishop 2020-12-21 13:00:50 UTC 
Just had no end of trouble getting a newly commissioned system to communicate properly over ixl(4) interfaces. The problem turned out to be that LRO is enabled by default, and interferes seriously with anything involving packet forwarding. I'm not going to be the only one bitten by this so I propose that the default should be -lro.

Observed on 12.2-R but almost certainly applies to other versions and probably to other interfaces as well.
Comment 1 daniel schütze 2020-12-21 13:22:25 UTC 
To confirm I experienced this issue with LRO on a host causing problems on two VirtualBox virtual machines.  One a gateway and one a VPN.  In both cases the virtual machines were rendered unusable due to the forwarding elements being restricted.

The effect was observable with any client connected to the VPN or using the gateway getting very low transfer speeds of 20kbytes/second or so when going through a tunnel or  gateway.

The resolution was to restart the networking on the host with the -lro flag (as an aside vboxnet also needed be restarted in order to ensure the host could directly network with the VMs)

Also note the information on the intel driver for the interface

https://downloadmirror.intel.com/25160/eng/readme.txt

QUOTE
LRO
---
LRO (Large Receive Offload) may provide Rx performance improvement. However, it
is incompatible with packet-forwarding workloads. You should carefully evaluate
the environment and enable LRO when possible.

To enable:

# ifconfig ixlX lro

It can be disabled by using:

# ifconfig ixlX -lro
ENQUOTE
Comment 2 paul vixie 2023-05-12 20:48:08 UTC 
agreed that LRO should never be on by default. furthermore it should never be propagated from a trunk interface into vlan subinterfaces. see also #254596.
Comment 3 Kevin Bowling freebsd_committer freebsd_triage 2023-08-14 02:02:34 UTC 
(In reply to Bob Bishop from comment #0)
What kind of packet forwarding setup are we talking here?  The network stack code should disable LRO if forwarding in the IP stack https://cgit.freebsd.org/src/tree/sys/net/iflib.c#n2901.