bad udp cksum messages in tcpdump for wg0
google gsuite
cs at lost-frequencies.eu
Fri Dec 20 14:47:55 CET 2019
Hi
My DNS server is available via a wireguard interface. Because of many requests I did a tcpdump on the traffic and found messages like.
14:05:34.881307 IP (tos 0x0, ttl 63, id 33826, offset 0, flags [DF], proto UDP (17), length 54)
10.99.97.15.53628 > 10.99.97.17.domain: [bad udp cksum 0xd719 -> 0x6360!] 8446+ A? postgres. (26)
I could turn that messages off with turning off check validation on the interface
ethtool -K wg0 tx off rx off
Actual changes:
rx-checksumming: off
tx-checksumming: off
tx-checksum-ip-generic: off
The tcpdump traffic looks now like this
14:08:36.494987 IP (tos 0x0, ttl 63, id 61627, offset 0, flags [DF], proto UDP (17), length 54)
10.99.97.15.40185 > 10.99.97.17.domain: [udp sum ok] 1324+ A? postgres. (26)
I want to know if the behavior described above with the checksum errors is to be expected? Or is it necessary to turn those checks off on all the interfaces?
BR
ybaumy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/wireguard/attachments/20191220/8be313df/attachment.html>
More information about the WireGuard
mailing list