MoonPoint Support Logo

 

Shop Amazon Warehouse Deals - Deep Discounts on Open-box and Used ProductsAmazon Warehouse Deals



Advanced Search
December
Sun Mon Tue Wed Thu Fri Sat
        1 2 3
4 5 6 7 8 9 10
11 12 13 14 15 16 17
18 19 20 21 22 23 24
25 26 27 28 29 30 31
2016
Months
Jan Feb Mar
Apr May Jun
Jul Aug Sep
Oct Nov Dec


Sat, Dec 10, 2016 8:25 pm

tcpdump bad udp cksum 0x431e message

While troubleshooting a problem with Domain Name System (DNS) lookups on a CentOS 7 system, I ran tcpdump using the -vv option to get very verbose output. The output from tcpdump showed many "bad udp cksum 0x431b" messages.

# tcpdump -i enp1s4 -vv port 53
tcpdump: listening on enp1s4, link-type EN10MB (Ethernet), capture size 65535 by
tes
15:04:44.432784 IP (tos 0x0, ttl 64, id 18564, offset 0, flags [DF], proto UDP (
17), length 75)
    moonpoint.com.39018 > 208.67.220.220.domain: [bad udp cksum 0x431e -> 0x9f9d
!] 29085+ A? 248.13.189.1.sbl.spamhaus.org. (47)
15:04:44.433856 IP (tos 0x0, ttl 64, id 21529, offset 0, flags [DF], proto UDP (
17), length 73)

As explained at UDP / TCP Checksum errors from tcpdump & NIC Hardware Offloading by Sokratis Galiatsis "This is caused because you have checksum offloading on your network card (NIC) and tcpdump reads IP packets from the Linux kernel right before the actual checksum takes place in the NIC’s chipset. That’s why you only see errors in tcpdump and your network traffic works ok."

[ More Info ]

[/os/unix/programs/network/tcpdump] permanent link

Valid HTML 4.01 Transitional

Privacy Policy   Contact

Blosxom logo