On Mon, Jan 27, 2014 at 8:19 AM, Simon Perreault < simon.perrea...@viagenie.ca> wrote:
> Le 2014-01-25 14:40, Richard Procter a écrit : > > I'm not saying the calculation is bad. I'm saying it's being >> calculated from the wrong copy of the data and by the wrong >> device. And it's not just me saying it: I'm quoting the guys >> who designed TCP. >> > > Those guys didn't envision NAT. > > If you want end-to-end checksum purity, don't do NAT. > > Simon > > Relying on TCP checksums is risky - they are too weak. I live at the end of a wireless link that starts at around 7K feet elevation, goes over a 12K foot ridge, lands at my neighbors roof at 10k feet and then bounces across the street to my house. At one point I was having lots of issues with data corruption - updates failing, even images on web pages going technicolor half way through the download. The ISP ultimately determined there was a bad transmitter and replaced it. The corruption was so severe that it was overwhelming the TCP checksums to the point that as far as TCP was concerned it was delivering good data (just not the same data twice :-). Until they fixed the issue I was able to run a proxy over ssh which gave me slower but reliable network service. -N