Harley Stenzel wrote:
On Nov 6, 2007 2:03 PM, Rick Jones <[EMAIL PROTECTED]> wrote:
Any thoughts as to how to deal with false checksum failure reports for outbound
traffic being sniffed on a system with ChecKsum Offload (CKO)? It seems that
linux has a flag they can set when capturing the packet that would tell us, not
sure what other platforms might have
Love it. It would be very nice to know if a packet's checksum will be
calculated in a CKO card.
These are some of the specifics courtesy of folks over in the linux netdev
mailing list:
The thing to check is "TP_STATUS_CSUMNOTREADY".
When using mmap(), it will be provided in the descriptor. When using
recvmsg() it will be provided via a PACKET_AUXDATA control message
when enabled via the PACKET_AUXDATA socket option.
I have tried to take a quick first look at the pcap code for linux but wasn't in
the correct frame of mind and so got lost rather quickly.
Without a corresponding change to the binary file format (as in find a spare bit
somewhere) the change would initially be limited to "live" tracing. Not a
complete solution, but a step in the right direction.
Meanwhile, making certain that the docs/manpage etc call-out that tracing on a
CKO capable system/NIC will result in false checksum failure reports for
outbound traffic would be goodness. I suppose I should have checked if that was
already there before typing the previous sentence, but there you go :)
rick jones
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.
