Date: Wed, 5 Feb 1997 11:00:53 -0800 (PST) From: Archie Cobbs <archie@whistle.com> To: cmott@srv.net (Charles Mott) Cc: brian@utell.co.uk, julian@whistle.com, eivind@dimaga.com, brian@awfulhak.demon.co.uk, ari.suutari@ps.carel.fi, hackers@freebsd.org Subject: Re: Single socket version of natd Message-ID: <199702051900.LAA23732@bubba.whistle.com> In-Reply-To: <Pine.BSF.3.91.970204100202.8654C-100000@darkstar> from Charles Mott at "Feb 4, 97 10:17:41 am"
next in thread | previous in thread | raw e-mail | index | archive | help
> > With a "leave the sum alone option", natd could pass the packet
> > with the zero'd ip_sum to PacketAliasIn() and know that it has
> > to calculate it itself afterwards....
>
> Why does the kernel zero the checksum?
The kernel leaves the checksum zero because:
(a) When a packet comes in, the way the checksum is verified
is to checksum the packet as is and replace the checksum.
If the original checksum was valid, then the new checksum
will be zero. So the checksum field is already zero before
the divert code even gets the packet.
(b) Packets being diverted are often mangled, so the checksum
has to be recomputed anyway. So having the divert code
recompute the checksum before sending it up would just
be useless extra work.
The "right" thing to do would be to modify the kernel so that
checking checksums does not replace the original packet checksum.
This should be easy enough.
-Archie
___________________________________________________________________________
Archie Cobbs * Whistle Communications, Inc. * http://www.whistle.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199702051900.LAA23732>