> I must confess that the tcpdump output is over my head. Any help would be > appreciated. I see a lot of checksums marked bad and "incorrect" but I have > no idea how to fix it. > Justin T
Q 11.1: Why am I seeing lots of packets with incorrect TCP checksums? A: If the packets that have incorrect TCP checksums are all being sent by the machine on which Wireshark is running, this is probably because the network interface on which you're capturing does TCP checksum offloading. That means that the TCP checksum is added to the packet by the network interface, not by the OS's TCP/IP stack; when capturing on an interface, packets being sent by the host on which you're capturing are directly handed to the capture interface by the OS, which means that they are handed to the capture interface without a TCP checksum being added to them. The only way to prevent this from happening would be to disable TCP checksum offloading, but 1. that might not even be possible on some OSes; 2. that could reduce networking performance significantly. Source: http://www.wireshark.org/faq.html#q11.1 This is not a real problem, so you could use `tcpdump -K` to disable checksums. Greetings Thomas
signature.asc
Description: This is a digitally signed message part.
