Date: Tue, 28 Jun 2011 11:48:34 +0200 From: Benoit Panizzon <benoit.panizzon@imp.ch> To: freebsd-net@freebsd.org Subject: udp checksum implementation error in FreeBSD 7.2? Message-ID: <201106281148.36754.benoit.panizzon@imp.ch>
next in thread | raw e-mail | index | archive | help
--nextPart6617720.nWCGMWR6Ov Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Hi We are running a DHCP Server on a FreeBSD 7.2-RELEASE-p4 box. This works for most of our customers, except ones with some kind of SonicWa= ll=20 =46irewalls. We have analyzed the problem with the sonicwall tech support: We found the problem being in the sonicwall setting a UDP checksum of 0x000= 0=20 for DHCP Requests. According to the RFC this is a valid value and tells the receiving UDP stac= k=20 not to check the checksum: http://www.faqs.org/rfcs/rfc768.html If the value is different from 0x0000 the receiving UDP stack can perform a= =20 checksum check and if this fails, silently drop that packet. What we observe is: DHCP Request with UDP checksum set =3D> Packet reaches DHCP Daemon and is b= eing=20 answered. DHCP Request with UDP checksum 0x0000 =3D> ICMP Port Unreachable from FreeB= SD. Can someone confirm this non RFC conform behaviour and knows how to fix it? As I understand, setting net.inet.udp.checksum to zero would not fix the=20 problem, as this is only for packet generation. Kind regards Benoit Panizzon =2D-=20 I m p r o W a r e A G - =20 ______________________________________________________ Zurlindenstrasse 29 Tel +41 61 826 93 07 CH-4133 Pratteln Fax +41 61 826 93 02 Schweiz Web http://www.imp.ch ______________________________________________________ --nextPart6617720.nWCGMWR6Ov--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201106281148.36754.benoit.panizzon>