VirtualBox

Opened 5 years ago

Closed 5 years ago

#18355 closed defect (fixed)

packet’s trailer extra byte padding => Fixed in SVN

Reported by: arturob Owned by:
Component: other Version: VirtualBox 5.2.24
Keywords: Cc:
Guest type: other Host type: other

Description

we see bidirectional TCP traffic and session establishing passed the 3-way handshake and for HTTP we even see the HTTP GET request from DDMSPSADM1 (client) to DDUXPSFINV1 (server) (packet number 886 in the snapshot below), however the second packet of the HTTP transfer (number 888 below) from the server to the client never makes it. This behavior is consistent every time. There are two things that are different with this packet, first is that it has the TCP PSH flag enabled, this should not create any problem. The second one is “VSS-Monitoring Ethernet trailer”, this is an extra padding that some network drivers add to the packet trailer. Apparently virtualbox is known for this behavior and some people have reported application issues because of it. We tried virtualbox on MACOS and it certainly doesn’t add the extra padding. The issue does not occur with NAT mode, only Bridge mode when using the NDIS6 Brdiged Networking Driver.

Attachments (5)

vbox_network_issue1.png (25.5 KB ) - added by arturob 5 years ago.
issue_zone5_host.pcapng (106.1 KB ) - added by arturob 5 years ago.
issue_vbox_w10_vm.pcapng (18.4 KB ) - added by arturob 5 years ago.
CIFS_TCP_DUMP_DDMSPSADM1.pcap (25.7 KB ) - added by arturob 5 years ago.
newcapture.zip (281.0 KB ) - added by arturob 5 years ago.

Download all attachments as: .zip

Change History (12)

by arturob, 5 years ago

Attachment: vbox_network_issue1.png added

by arturob, 5 years ago

Attachment: issue_zone5_host.pcapng added

by arturob, 5 years ago

Attachment: issue_vbox_w10_vm.pcapng added

by arturob, 5 years ago

comment:1 by Aleksey Ilyushin, 5 years ago

This appears to be a duplicate of #18202. The bridging driver indeed pads odd-length packets. But I fail to see how it would prevent HTTP packets from being delivered. I cannot find packets number 886 nor 888 in any of provided capture files. It is also quite hard for me to guess MAC addresses of the machines involved. Please provide adequate information that will enable me to analyze the capture files. I cannot deduce any meaning from "issue_zone5_host", for example. Which file is supposed to illustrate what?

comment:2 by arturob, 5 years ago

Hi Aleksey, Sorry for that. The issue is that Cisco ACI equipment is flagging virtualbox traffic as suspect and as a result, drops the packets.

vbox_virtualmachine - Source: 10.210.63.35, Destination: 10.202.3.203 vbox_physicalhost - Source: 10.202.3.203, Destination: 10.210.63.35 server_on_ciscoACI_network - Source: 10.202.3.203, Destination: 10.210.63.35

Protocols tested: TCP/8000 and SMB

I attached a zip with new files.

Thank you for your help!

by arturob, 5 years ago

Attachment: newcapture.zip added

comment:3 by arturob, 5 years ago

Cisco has identified this behavior (the padding of the extra byte at the packet trailer) as the root cause for the embedded IDS in their Cisco Application Centric Infrastructure (Cisco ACI )AVE switch to drop the packets. Cisco is currently contemplating the option of creating an exception for the IDS rules to allow such packets.

We would like to request VirtualBox to provide customers the option to the turn off this padding as we do not use Microsoft Load Balancing/Failover (LB/FO) VMs. Having the ability to enable/disable this 'feature' is beneficial for companies that have ACI networks.

Thank you!

comment:4 by Aleksey Ilyushin, 5 years ago

Thanks a lot for the provided files and explanations. Please try out one of the recent test builds (r128786 for 5.2 and r128790 for 6.0). These builds still allocate packets to be aligned, but no padding is used.

comment:5 by Aleksey Ilyushin, 5 years ago

Summary: packet’s trailer extra byte paddingpacket’s trailer extra byte padding => Fixed in SVN

comment:6 by arturob, 5 years ago

Thank you, Aleksey!! resolution confirmed on VirtualBox-6.0.5-129665-Win testbuild.

comment:7 by Michael Thayer, 5 years ago

Resolution: fixed
Status: newclosed
Note: See TracTickets for help on using tickets.

© 2023 Oracle
ContactPrivacy policyTerms of Use