DNS Checksum
Hi I'm still learning how to use wireshark properly. Can you help me explain how to calculate the DNS checksum? Is it the same way we calculate UDP checksum?
Hi I'm still learning how to use wireshark properly. Can you help me explain how to calculate the DNS checksum? Is it the same way we calculate UDP checksum?
The UDP checksum is "Checksum is the 16-bit one's complement of the one's complement sum of a pseudo header of information from the IP header, the UDP header, and the data, padded with zero octets at the end (if necessary) to make a multiple of two octets.", as per RFC 768. See also the TCP/IP Guide, or wikipedia.
Please start posting anonymously - your entry will be published after you log in or create a new account.
Asked: 2018-10-20 17:48:35 +0000
Seen: 1,190 times
Last updated: Oct 21 '18
What field are you referring to exactly? What display filter matches this field (you can find it in the lower left corner of the Wireshark window)?
I use dns filter. In the UDP line, there is a checksum. I want to verify the checksum but I can't figure it out how
That's the UDP checksum, not the DNS checksum. DNS is transported over UDP (and sometimes over TCP); the UDP checksum in a DNS-over-UDP packet is part of UDP, not DNS.