Lots (but not all) of TCP CHECKSUM INCORRECT on Windows
I'm using a Windows PC as a TCP client to debug a TCP server. The server could be problematic even in the TCP checksum calculation. Wireshark on the PC does the traffic capture.
In the Wireshark capture, 192.168.1.9 is the TCP server, and 192.168.1.20 is the Windows PC as a TCP client. Lots of TCP segments sent by the TCP client are marked as TCP CHECKSUM INCORRECT (can be shown by tcp.checksum_bad.expert
). I've read https://wiki.wireshark.org/TCP_Checksum_Verification and learned of offloading. I don't think the TCP CHECKSUM INCORRECT is caused by offloading because there are also lots of TCP segments that are marked as Checksum: 0xXXXX [correct] (matches paritial checksum ...)
, which is more likely the result of offloading. I don't think Windows' TCP stack is problematic since the PC browser works fine. Why are there so many TCP CHECKSUM INCORRECT
from PC? Thanks very much!
Can you make a capture on the server?
The packets marked with bad checksum all have a length of 2102 which means they are split (and checksum calculated) before they go on the wire.
Sorry I can't. The server is an embedded device.
Can you capture on the wire, rather than the PC? Then you really see what these packets look like.
Another option is to temporary disable TCP checksum offload and LSO offload in the NIC driver via: Device Manager / Network / Ethernet Controller properties / Advanced tab.