From aa95bddd2dfe1598b207fee17f262d021ad82e56 Mon Sep 17 00:00:00 2001
From: Antonio Ojea <antonio.ojea.garcia@gmail.com>
Date: Mon, 13 Apr 2020 11:51:20 +0200
Subject: [PATCH] Make VXLAN checksum configurable

Seems that some kernel versions have issues with VXLAN checksum
offloading, causing that flannel stop to work on some scenarios
where the traffic is encapsulated, but the checksum is wrong and is
discarded by the receiver.

A known workaround that works is disabling offloading on the flannel
interface:

ethtool --offload flannel.1 rx off tx off

Adding the option to flannel to disable the checksum will make it
easier for the user.
---
 backend/vxlan/device.go | 16 +++++++++-------
 backend/vxlan/vxlan.go  | 21 ++++++++++++---------
 2 files changed, 21 insertions(+), 16 deletions(-)

diff --git a/backend/vxlan/device.go b/backend/vxlan/device.go
index c3020b5795..2b8bfdefcb 100644
--- a/backend/vxlan/device.go
+++ b/backend/vxlan/device.go
@@ -29,13 +29,14 @@ import (
 )
 
 type vxlanDeviceAttrs struct {
-	vni       uint32
-	name      string
-	vtepIndex int
-	vtepAddr  net.IP
-	vtepPort  int
-	gbp       bool
-	learning  bool
+	vni         uint32
+	name        string
+	vtepIndex   int
+	vtepAddr    net.IP
+	vtepPort    int
+	gbp         bool
+	learning    bool
+	udpChecksum bool
 }
 
 type vxlanDevice struct {
@@ -54,6 +55,7 @@ func newVXLANDevice(devAttrs *vxlanDeviceAttrs) (*vxlanDevice, error) {
 		Port:         devAttrs.vtepPort,
 		Learning:     devAttrs.learning,
 		GBP:          devAttrs.gbp,
+		UDPCSum:      devAttrs.udpChecksum,
 	}
 
 	link, err := ensureLink(link)
diff --git a/backend/vxlan/vxlan.go b/backend/vxlan/vxlan.go
index 1c2e2b3340..7e463bf6b2 100644
--- a/backend/vxlan/vxlan.go
+++ b/backend/vxlan/vxlan.go
@@ -55,10 +55,11 @@ package vxlan
 import (
 	"encoding/json"
 	"fmt"
-	log "github.com/golang/glog"
 	"net"
 	"sync"
 
+	log "github.com/golang/glog"
+
 	"golang.org/x/net/context"
 
 	"github.com/coreos/flannel/backend"
@@ -109,6 +110,7 @@ func (be *VXLANBackend) RegisterNetwork(ctx context.Context, wg sync.WaitGroup,
 		GBP           bool
 		Learning      bool
 		DirectRouting bool
+		UDPChecksum   bool
 	}{
 		VNI: defaultVNI,
 	}
@@ -118,16 +120,17 @@ func (be *VXLANBackend) RegisterNetwork(ctx context.Context, wg sync.WaitGroup,
 			return nil, fmt.Errorf("error decoding VXLAN backend config: %v", err)
 		}
 	}
-	log.Infof("VXLAN config: VNI=%d Port=%d GBP=%v Learning=%v DirectRouting=%v", cfg.VNI, cfg.Port, cfg.GBP, cfg.Learning, cfg.DirectRouting)
+	log.Infof("VXLAN config: VNI=%d Port=%d GBP=%v Learning=%v DirectRouting=%v Checksum=%v", cfg.VNI, cfg.Port, cfg.GBP, cfg.Learning, cfg.DirectRouting, cfg.UDPChecksum)
 
 	devAttrs := vxlanDeviceAttrs{
-		vni:       uint32(cfg.VNI),
-		name:      fmt.Sprintf("flannel.%v", cfg.VNI),
-		vtepIndex: be.extIface.Iface.Index,
-		vtepAddr:  be.extIface.IfaceAddr,
-		vtepPort:  cfg.Port,
-		gbp:       cfg.GBP,
-		learning:  cfg.Learning,
+		vni:         uint32(cfg.VNI),
+		name:        fmt.Sprintf("flannel.%v", cfg.VNI),
+		vtepIndex:   be.extIface.Iface.Index,
+		vtepAddr:    be.extIface.IfaceAddr,
+		vtepPort:    cfg.Port,
+		gbp:         cfg.GBP,
+		learning:    cfg.Learning,
+		udpChecksum: cfg.UDPChecksum,
 	}
 
 	dev, err := newVXLANDevice(&devAttrs)