Bug 252015 - Enabling LRO on network interfaces by default considered harmful
Summary: Enabling LRO on network interfaces by default considered harmful
Status: New
Alias: None
Product: Base System
Classification: Unclassified
Component: kern (show other bugs)
Version: Unspecified
Hardware: Any Any
: --- Affects Some People
Assignee: freebsd-net (Nobody)
Depends on:
Reported: 2020-12-21 13:00 UTC by Bob Bishop
Modified: 2020-12-21 16:36 UTC (History)
1 user (show)

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description Bob Bishop 2020-12-21 13:00:50 UTC
Just had no end of trouble getting a newly commissioned system to communicate properly over ixl(4) interfaces. The problem turned out to be that LRO is enabled by default, and interferes seriously with anything involving packet forwarding. I'm not going to be the only one bitten by this so I propose that the default should be -lro.

Observed on 12.2-R but almost certainly applies to other versions and probably to other interfaces as well.
Comment 1 daniel schütze 2020-12-21 13:22:25 UTC
To confirm I experienced this issue with LRO on a host causing problems on two VirtualBox virtual machines.  One a gateway and one a VPN.  In both cases the virtual machines were rendered unusable due to the forwarding elements being restricted.

The effect was observable with any client connected to the VPN or using the gateway getting very low transfer speeds of 20kbytes/second or so when going through a tunnel or  gateway.

The resolution was to restart the networking on the host with the -lro flag (as an aside vboxnet also needed be restarted in order to ensure the host could directly network with the VMs)

Also note the information on the intel driver for the interface


LRO (Large Receive Offload) may provide Rx performance improvement. However, it
is incompatible with packet-forwarding workloads. You should carefully evaluate
the environment and enable LRO when possible.

To enable:

# ifconfig ixlX lro

It can be disabled by using:

# ifconfig ixlX -lro