eradman

Asked: 2015-01-24 08:10:30 +0800 CST2015-01-24 08:10:30 +0800 CST 2015-01-24 08:10:30 +0800 CST

What conditions can account for incorrect inbound TCP checksums?

According to The Wireshark FAQ TCP checksum offloading causes checksums for outbound traffic to be calculated incorrectly. On some Linux hosts I see some inbound TCP traffic that is flagged with incorrect checksums:

$ sudo tcpdump -n -vvv dst 10.10.2.20 | grep incorrect
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
10.10.2.3.nfs > 10.10.2.20.884: Flags [P.], cksum 0x83fc (incorrect -> 0x2825), seq 3552641460:3552662384, ack 2706746316, win 32806, options [nop,nop,TS val 34524903 ecr 341853002], length 20924 
10.10.2.9.ssh > 10.10.2.20.42037: Flags [P.], cksum 0xf39f (incorrect -> 0x2fe6), seq 5174:6902, ack 3086, win 204, options [nop,nop,TS val 263217396 ecr 341868329], length 1728

Where 10.10.2.20 is the external interface on this system.

What conditions can account for incorrect inbound TCP checksums?

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?

What conditions can account for incorrect inbound TCP checksums?

0 Answers