Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 119816 - Broadcom driver/kernel Modul tg3 does not work propperly while using Cisco VPN Client
Summary: Broadcom driver/kernel Modul tg3 does not work propperly while using Cisco VP...
Alias: None
Product: Fedora
Classification: Fedora
Component: kernel
Version: 1
Hardware: i686
OS: Linux
Target Milestone: ---
Assignee: Arjan van de Ven
QA Contact: Brian Brock
Depends On:
TreeView+ depends on / blocked
Reported: 2004-04-02 10:45 UTC by Jens Ziemann
Modified: 2007-11-30 22:10 UTC (History)
7 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2004-04-05 11:14:56 UTC

Attachments (Terms of Use)

Description Jens Ziemann 2004-04-02 10:45:52 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; de-AT; rv:1.4.1)

Description of problem:
What I want: to get my eMails prom trhough
Cisco VPN Client via port 993 - IMAP-SSL

- Dell Latitude D800
- complete
- NIC onboard Broadcom - LSPIC

    Bus  2, device   0, function  0:
    Ethernet controller: Broadcom Corporation NetXtreme BCM5705M 
    Gigabit Ethernet (rev 1).  IRQ 11.
    Master Capable.  Latency=32.  Min Gnt=64.
    Non-prefetchable 64 bit memory at 0xfaff0000 [0xfaffffff].


- Sitting at home connected through a DSL line.
- firing up the Cisco VPN client to connect the Red Hat intranet.
- I�m able to ping, to our stuttgart mailserver, starting evolution 1.4.5 and login in
shows me just the amount of new eMail, no headers and no way to access
the eMails in my inbox or even to get any mails to my local machine.
- I have tried all the cisco VPN clients tha IS offers through but prob still exists  
- the funny thing is that I can connect to a big bunch of other
internal machines w/o a prob through http/https/ping/ssh, ....

- yesterday night I took the most actual driver from the broadcom
Website, which is:
- unzipping the file gave me a src-rpm file, build the RPM, installed
it and fixed manually the wrong perms of the new module bcm5700.o.

Unloading the tg3 module and loading the bcm5700.0 made all probs go

hope this is specific enough ;-)


Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
see above!

Actual Results:  tg3 module/driver does not work propperly

Expected Results:  either make tg3 module/driver work or exchange with
broadcom driver ;-)

Additional info:

I fear this will happen to RHEL3 and FC2 as well - but not tested ;-)
BTW: On RHL 9 everything worked fine.

Comment 1 Arjan van de Ven 2004-04-02 11:07:05 UTC

*** This bug has been marked as a duplicate of 78616 ***

Comment 2 Jens Ziemann 2004-04-02 13:05:14 UTC
Hi Arjan,

not that easy ;-) As far as I understood tg3 is not binary, so please
fix that problem that I can use my Notebook without the broadcom driver.

On this:

I have double checked inside the RPM-Pack of the Broadcom driver in a
file License, after installing it lies on:
/usr/share/doc/bcm5700-7.1.22/Licenses which includes the GPL 2

==> are you sure this is binary only ???


Comment 3 Arjan van de Ven 2004-04-02 13:09:11 UTC
the cisco stuff is binary only and afaics only that doesn't work. Case

Comment 4 Jens Ziemann 2004-04-02 13:31:56 UTC
so ... everyone who has a Broadcom card/chip on his/her machine is not
able to get his/her eMails propperly?

ignoring instead fixin is a good way to stabilize our own products ;-)

so lets pass this over to IS than.

thanx for your help anyway


Comment 5 Arjan van de Ven 2004-04-02 13:47:07 UTC
it's not a tg3 bug until you can reproduce it without any binary only
modules loaded. Which so far you haven't.

Comment 6 Jens Ziemann 2004-04-02 13:54:41 UTC
sooo... the solution must be to have a opensource replacement for the
Cisco VPN stuff... something around that works.
My only or initial intention was to have access to my emails from
outside the red hat intranet.


Comment 7 Jens Ziemann 2004-04-05 11:13:24 UTC
Sorry to bother you again, but....

please have a look at 118962, just talked with Niels Happel, one of
our Trainers & Consultants, he found also some strange behaviours of
TG3, while in a consulting Project with a big german bank. Replacing
TG3 by the Broadcom driver made everything work like it should. I also
heard from anonther consultant probs with TG3 but due to Daniels
holidays had not chance to talk to him.
Looks pretty much like our TG3 need a bit polish, does not matter if
CiscoVPNCLienst or not ;-)


Comment 8 Fuji TSO 2004-05-21 11:14:04 UTC
I've been pestering Cisco on this issue. Here's what they have to say:

"Since the tg3 driver is new, there have been a number of issues that 
it has introduced.  A Google search will reveal that it's not just 
VPN that's affected.  One of the big differences between the VPN 
Client and other applications is that the VPN Client modifies the 
packet directly so that the size of the packet does not match the MTU 
setting of the machine when it reaches the ethernet driver.  The VPN 
Client has overhead it needs to add so it lowers the MTU setting on 
the workstation as soon as it makes a client connection so that when 
it adds it's data, the final packet comes out to a size that won't 
need to be fragmented by the ethernet driver."

I'm a bit skeptical, especially since they claim the driver is new 
when it dates back at least as far as RH8, but, maybe this 
information will cause someone to go "hmmm... Oh yeah!"?

Comment 9 Arjan van de Ven 2004-05-21 11:16:22 UTC
it sure does ;)
tg3 is one of the drivers that does zero copy networking and checksum
offloading. "that the VPN Client modifies the  packet directly"
That is illegal in linux and breaks for zerocopy networking.

Oh well. vpnc works and people are making the in kernel ipsec talk to
cisco boxes. 

Comment 10 Rod Nayfield 2005-05-07 16:18:39 UTC
Similar to 157147 issue with cisco zero-copy (does not cause issues when vpn is
not used)

Turning off all offloading seems to fix on the e1000.
# ethtool -K eth1 tx off
# ethtool -K eth1 rx off
# ethtool -K eth1 sg off
# ethtool -K eth1 tso off

Comment 11 Arjan van de Ven 2005-05-07 17:04:57 UTC
sure you avoid the most obvious data corruption by disabling zerocopy... I still
wouldn't trust my data to a system with this thing in though. Esp when there are
far more safe in this regard solutions around.

Comment 12 Fuji TSO 2005-05-09 10:49:37 UTC
FWIW, Cisco has finally come up with a VPN client that works. Version seems to resolve all the issues I've run into.

Note You need to log in before you can comment on or make changes to this bug.