dissolved
asked on
Bad TCP checksums
I've been noticing some of these in my sniffer logs. A few questions
1. Do packets received with bad checksum errors, let the other side know the data got corrupted/changed on the way there? Or does the receiving end simply just drop the packet?
2. What causes bad checksum errors? Misconfigured hosts? Faulty hardware?
3. I've noticed that I was getting tcp checksum errors when a default gateway wasnt specified on my linux box. When I specified one however, I stopped seeing them. Did specifying a default gateway correct this?
Also, can someone tell me whats going on here?
08:23:16.729062 00:80:c6:fa:e3:49 > 00:b0:d0:c6:57:11, ethertype IPv4 (0x0800), length 70: IP (tos 0x0, ttl 31, id 8573, offset 0, flags [none], length: 56) 192.168.1.1 > 192.168.1.12: icmp 36: redirect 192.168.4.3 to host 192.168.1.50 for IP (tos 0x0, ttl 63, id 0, offset 0, flags [DF], length: 48) 192.168.1.12.5901 > 192.168.4.3.1201: [|tcp]
It's obviously an ICMP redirect message from my cable router (192.168.1.1) destined for my linux box (192.168.1.12). But what is this packet telling 192.168.1.12?
1. Do packets received with bad checksum errors, let the other side know the data got corrupted/changed on the way there? Or does the receiving end simply just drop the packet?
2. What causes bad checksum errors? Misconfigured hosts? Faulty hardware?
3. I've noticed that I was getting tcp checksum errors when a default gateway wasnt specified on my linux box. When I specified one however, I stopped seeing them. Did specifying a default gateway correct this?
Also, can someone tell me whats going on here?
08:23:16.729062 00:80:c6:fa:e3:49 > 00:b0:d0:c6:57:11, ethertype IPv4 (0x0800), length 70: IP (tos 0x0, ttl 31, id 8573, offset 0, flags [none], length: 56) 192.168.1.1 > 192.168.1.12: icmp 36: redirect 192.168.4.3 to host 192.168.1.50 for IP (tos 0x0, ttl 63, id 0, offset 0, flags [DF], length: 48) 192.168.1.12.5901 > 192.168.4.3.1201: [|tcp]
It's obviously an ICMP redirect message from my cable router (192.168.1.1) destined for my linux box (192.168.1.12). But what is this packet telling 192.168.1.12?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER