[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

[TCP CHECKSUM INCORRECT]

Posted on 2007-11-19
6
Medium Priority
?
11,979 Views
Last Modified: 2013-12-23
Is it normal for Wireshark to be reporting about 33% of all network data as [TCP CHECKSUM INCORRECT]? For each 2 "Continuation of HTTP traffic" packets I get, I also get 1 packet marked as [TCP CHECKSUM INCORRECT] (highlighted in black in Wireshark).
0
Comment
Question by:tylermenezes
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 8

Accepted Solution

by:
static-void earned 500 total points
ID: 20324570
Thats obviousally really bad. Is happening to all hosts or just a specific one? The most likely cause is that you have some seriously bad link in your network. Check for bad cabling. You should start by trying to isolate where the prob is. If your using wireless anywhere thats a good place to start.
0
 

Author Comment

by:tylermenezes
ID: 20324582
I'm pretty sure it's the router (it's fine without it), but I wanted to make sure this wasn't normal.
0
 
LVL 8

Expert Comment

by:static-void
ID: 20324611
yeah if 1/3 is checksum failed that means that another 1/3 is failed packets so only 1/3 of packets are correctly transmitted. Thats real bad
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 

Author Comment

by:tylermenezes
ID: 20324627
Thanks for the help. I assigned points to your earlier response, because it clarified my problem and will probably help anyone else more than is necessary in my case.
0
 
LVL 6

Expert Comment

by:CoreyMac
ID: 22639694
I think as a time-tested question this is just likely wrong...

Checksums are rarely wrong, so look at the checksum value in the trace.  If it is TCP and 0000 (zeros) then the problem is probably bogus.

The source of this is usually the fact the TCP checksums-offload are enabled in the NIC driver and so many of the packets (the ones to/from this machine) have their checksums not calculated until the actual NIC gets ready to transmit the frame.  

Wireshark can't tell so it calls it in error.
0
 

Expert Comment

by:JasonMewes
ID: 23203412
It is common for wireshark to display *almost all* packets as having bad CRC because of checksum offloading (as explained by CoreyMac)... however it seems a bit odd that you have a large number of packets displayed as good? Unless they are UDP packets, for which a CRC of 0 is always valid as it specifies that checksums are disabled for the current packet. The IP level checksum cannot be disabled however, but if this is not offloaded you might find yourself in this exact situation.

In any case, what you can do is to disable offloading in your network card settings:

Control Panel -> Device Manager -> Your network card -> Properties -> General -> Change Settings -> Advanced

Go through the list of properties and disable offloading, on my network card I have disabled the following:

IPv4 Checksum Offload
TCP Checksum Offload (IPv4)
TCP Checksum Offload (IPv6)
UDP Checksum Offload (IPv4)
UDP Checksum Offload (IPv6)

This will put more "strain" on your CPU, but can be useful when wiresharkin'...
0

Featured Post

What’s Wrong with Your Cloud Strategy ?

Even as many CIOs are embracing a cloud-first strategy, the reality is that moving to the cloud is a lengthy process and the end-state is likely to be a blend of multiple clouds—public and private. Learn why multicloud solutions matter in this webinar by Nimble Storage.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
This article is a collection of issues that people face from time to time and possible solutions to those issues. I hope you enjoy reading it.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question