From owner-freebsd-net@freebsd.org  Fri Sep 25 13:42:58 2015
Return-Path: <owner-freebsd-net@freebsd.org>
Delivered-To: freebsd-net@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id C902AA09872
 for <freebsd-net@mailman.ysv.freebsd.org>;
 Fri, 25 Sep 2015 13:42:58 +0000 (UTC) (envelope-from rj@obsigna.com)
Received: from mo6-p00-ob.smtp.rzone.de (mo6-p00-ob.smtp.rzone.de
 [IPv6:2a01:238:20a:202:5300::5])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "*.smtp.rzone.de", Issuer "TeleSec ServerPass DE-2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 665CF1EF1
 for <freebsd-net@freebsd.org>; Fri, 25 Sep 2015 13:42:57 +0000 (UTC)
 (envelope-from rj@obsigna.com)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; t=1443188574; l=745;
 s=domk; d=obsigna.com;
 h=Mime-Version:To:Date:Subject:Content-Transfer-Encoding:Content-Type:
 From; bh=dXP9SKw0VLNTZVhcWWXyD85XEc83PgnwhqtwBArp16I=;
 b=OAp7tp6GmRYwLWciMoA0tmZIlgaOZY7HSFGCBL0DjoW682G4LjV0dYmeVGA4O2Dh25i
 C27ik8eRXMRygIjFGfrzr3MR3TcsKUGP0xV3oWv+yLH6lrMOLOm6fismWPGJnw5rHlp/k
 VLX6Fb4rZD7HtsXmF2DVtEvUs3O0zaombgI=
X-RZG-AUTH: :O2kGeEG7b/pS1EK7WHa0hxqKZr4lnx6UhToX1IWHkW4X7v2ImaU2BqdKiuq0gOHBJBc=
X-RZG-CLASS-ID: mo00
Received: from mail.obsigna.com (bb033d4b.virtua.com.br [187.3.61.75])
 by smtp.strato.de (RZmta 37.12 DYNA|AUTH)
 with ESMTPSA id 903223r8PDgrchG
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (curve secp521r1 with
 521 ECDH bits, eq. 15360 bits RSA))
 (Client did not present a certificate) for <freebsd-net@freebsd.org>;
 Fri, 25 Sep 2015 15:42:53 +0200 (CEST)
Received: from rolf.projectworld.net (rolf.projectworld.net [192.168.222.5])
 (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by mail.obsigna.com (Postfix) with ESMTPSA id 3DC9E14B90549
 for <freebsd-net@freebsd.org>; Fri, 25 Sep 2015 10:42:50 -0300 (BRT)
From: "Dr. Rolf Jansen" <rj@obsigna.com>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Subject: Clearance of checksum flags when decapsulating ESP packets 
Message-Id: <C5FB2A27-8FFE-4209-B2C2-53C0C8AD10B0@obsigna.com>
Date: Fri, 25 Sep 2015 10:42:48 -0300
To: freebsd-net@freebsd.org
Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2104\))
X-Mailer: Apple Mail (2.2104)
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net/>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 25 Sep 2015 13:42:58 -0000

Please, may I ask about the rationale behind the lines 1557 to 1562 in =
function udp4_espdecap() of file src/sys/netinet/udp_usrreq.c on  =
FreeBSD 10.2-RELEASE-p3.

=E2=80=A6
	/*
	 * We cannot yet update the cksums so clear any
	 * h/w cksum flags as they are no longer valid.
	*/
	 if (m->m_pkthdr.csum_flags & CSUM_DATA_VALID)
		m->m_pkthdr.csum_flags &=3D =
~(CSUM_DATA_VALID|CSUM_PSEUDO_HDR);
=E2=80=A6

I am specially interested in learning about possibly adverse effects on =
operating an IPsec and IPsec-NAT-T enabled kernel when leaving the =
checksum flags in place, i.e. removing the above lines from the file =
src/sys/netinet/udp_usrreq.c.

Many thanks in advance for any enlightment.

Best regards

Rolf Jansen