tcpdump mailing list archives
incorrect tcp checksum on Linux tun interfaces?
From: Gert Doering <gert () greenie muc de>
Date: Wed, 28 Nov 2012 23:28:38 +0100
Hi, I'm a bit irritated by a byproduct of a problem hunt today, incorrect TCP checksums on a *tun* interface... 23:17:39.862001 IP6 (hlim 64, next-header TCP (6) payload length: 40) fd00:abcd:194:7::1.33509 > fd00:abcd:194:7::1000.2: S, cksum 0x6502 (incorrect (-> 0x3962), 1541095226:1541095226(0) win 14400 <mss 1440,sackOK,timestamp 178211075 0,nop,wscale 6> 23:17:39.926409 IP6 (hlim 64, next-header TCP (6) payload length: 20) fd00:abcd:194:7::1000.2 > fd00:abcd:194:7::1.33509: R, cksum 0x2cff (correct), 0:0(0) ack 1541095227 win 0 23:18:14.295000 IP (tos 0x10, ttl 64, id 4904, offset 0, flags [DF], proto TCP (6), length 60) 10.194.7.1.52647 > 10.194.7.6.2: S, cksum 0x23b9 (incorrect (-> 0xd832), 2395069612:2395069612(0) win 14600 <mss 1460,sackOK,timestamp 178245508 0,nop,wscale 6> 23:18:14.322183 IP (tos 0x10, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 40) 10.194.7.6.2 > 10.194.7.1.52647: R, cksum 0x532d (correct), 0:0(0) ack 2395069613 win 0 this is "tcpdump -v -s0 -i tun6" on a Linux 3.3.8 kernel. I'm quite used to see "incorrect" TCP checksums on interfaces that have hardware TCP checksum offloading (because pcap sees the packet before it's handed to the hardware for checksumming) - but on a *tun* interface, with no hardware to actually offload it to? Is this something new in the way Linux tun operates? (The tun goes into openvpn, and out of the other side's tun comes a packet with a perfectly valid TCP checksum, so "what openvpn sees" has the correct checksum, only "what tcpdum sees" does not) For the fun of it, I asked "ethtool", and it tells me "no checksum offloading"... gert@gentoo $ ethtool -k tun6 Offload parameters for tun6: rx-checksumming: off tx-checksumming: off scatter-gather: off tcp-segmentation-offload: off udp-fragmentation-offload: off generic-segmentation-offload: off generic-receive-offload: on large-receive-offload: off rx-vlan-offload: off tx-vlan-offload: off ntuple-filters: off receive-hashing: off ... weird. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany gert () greenie muc de fax: +49-89-35655025 gert () net informatik tu-muenchen de _______________________________________________ tcpdump-workers mailing list tcpdump-workers () lists tcpdump org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
Current thread:
- incorrect tcp checksum on Linux tun interfaces? Gert Doering (Dec 04)
- Re: incorrect tcp checksum on Linux tun interfaces? Michael Richardson (Dec 04)
- Re: incorrect tcp checksum on Linux tun interfaces? Gert Doering (Dec 04)
- Re: incorrect tcp checksum on Linux tun interfaces? Rick Jones (Dec 10)
- Re: incorrect tcp checksum on Linux tun interfaces? Gert Doering (Dec 04)
- Re: incorrect tcp checksum on Linux tun interfaces? Michael Richardson (Dec 04)