Ask Your Question
0

wireshark complaining of incorrect UDP checksum

asked 2020-05-06 05:24:00 +0000

rkbug gravatar image

updated 2020-05-06 14:12:18 +0000

grahamb gravatar image

I am capturing UDP packets on a gateway in an IPv6 environment. Wireshark keeps complaining that the UDP checksum is incorrect. I am using Wireshark Version 3.2.2. How do I know if wireshark is incorrect or the checksum in the incoming packet is incorrect.

I calculate the checksum in the incoming packet in the following way -

  1. I added (IPv6 address (source & destination), UDP length, Protocol ID, Entire UDP packet with checksum set as 0), 2 bytes at a time.
  2. Then, the MSB 4 bytes of the final sum to the LSB 4 bytes of the final sum.
  3. 1's compliment of the result in step (2).

Can anyone tell if my checksum computation is incorrect? If not, why is the value computed by me is different from the value expected by wireshark.

edit retag flag offensive close merge delete

Comments

This discussion is about TCP offload but is possible that the NIC on the "gateway" is doing rx checksum for UDP also?
What operating system is the capture machine running?

Chuckc gravatar imageChuckc ( 2020-05-06 18:56:46 +0000 )edit

1 Answer

Sort by ยป oldest newest most voted
0

answered 2020-05-07 19:50:41 +0000

rkbug gravatar image

Thank you. I figured the issue. The IP addresses in the IP header was byte reverse in the checksum computation.

edit flag offensive delete link more

Comments

We don't close questions, instead we accept the correct answer by clicking the checkmark icon next to it.

grahamb gravatar imagegrahamb ( 2020-05-07 19:59:44 +0000 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

Stats

Asked: 2020-05-06 05:24:00 +0000

Seen: 69 times

Last updated: May 07