netbsd-help: tcpdump: bad checksums on lo0

Subject: tcpdump: bad checksums on lo0
To: None <netbsd-help@netbsd.org>
From: Jukka Salmi <j+nbsd@2007.salmi.ch>
List: netbsd-help
Date: 08/06/2007 18:59:50

Hi,

I'm seeing this on different machines running NetBSD/i386 3, 4 or
-current: running tcpdump(1) on lo0 shows all packets having bad
checksums:

$ sudo tcpdump -nv -s 0 -i lo0
tcpdump: WARNING: BIOCPROMISC: Invalid argument
tcpdump: listening on lo0, link-type NULL (BSD loopback), capture size 65535 bytes
18:42:59.570295 IP (tos 0x0, ttl 64, id 48526, offset 0, flags [DF], proto TCP (6), length 64, bad cksum 0 (->7f27)!) 127.0.0.1.64140 > 127.0.0.1.22: S, cksum 0xfe34 (incorrect (-> 0x3bdd), 1347073383:1347073383(0) win 32768 <mss 33152,nop,wscale 0,sackOK,nop,nop,nop,nop,timestamp 0 0>
18:42:59.570329 IP (tos 0x0, ttl 64, id 48527, offset 0, flags [DF], proto TCP (6), length 64, bad cksum 0 (->7f26)!) 127.0.0.1.22 > 127.0.0.1.64140: S, cksum 0x6a9f (correct), 1371635563:1371635563(0) ack 1347073384 win 32768 <mss 33152,nop,wscale 0,nop,nop,timestamp 0 0,sackOK,nop,nop>

IIUC `bad cksum' refers to the IP header checksum, and `cksum 0x....
(incorrect ...)' refers to the TCP header checksum, correct?

On another system:

$ sudo tcpdump -nv -s 0 -i lo0
tcpdump: WARNING: BIOCPROMISC: Invalid argument
tcpdump: listening on lo0, link-type NULL (BSD loopback), capture size 65535 bytes
[...]
18:46:45.345735 IP (tos 0x0, ttl  64, id 63053, offset 0, flags [none], length: 72, bad cksum 0 (->a5c4)!) 212.254.26.75.61351 > 212.254.26.75.53: [bad udp cksum 2b9f!]  51594+ PTR? 74.26.254.212.in-addr.arpa. (44)
18:46:45.346316 IP (tos 0x0, ttl  64, id 63054, offset 0, flags [none], length: 167, bad cksum 0 (->a564)!) 212.254.26.75.53 > 212.254.26.75.61351: [bad udp cksum 3e1f!]  51594 1/2/2 74.26.254.212.in-addr.arpa. PTR clam.salmi.ch. (139)

Same for UDP: bad checksums...

Is tcpdump right? If yes, why are these checksums invalid?

I only see packets with valid checksums when running tcpdump on
non-loopback interfaces on these systems.


TIA, Jukka

-- 
bashian roulette:
$ ((RANDOM%6)) || rm -rf ~