* John Heffner:
> Currently with many common Ethernet devices in Linux, hardware TCP
> checksumming is enabled by default. This seems fairly dangerous to me.
> Most link layer checksums are much stronger than the TCP/UDP checksum;
> most bit errors are caught by these. However, one of the primary purposes
> of the TCP/UDP checksum is to detect errors occurring outside the
> protection of the link layer checksums -- errors when data is reassembled
> or copied across busses inside hosts and routers.
The IP checksum is quite bad at catching those, though. Broken memory
banks or busses tend to introduce bit errors in distances which are
multiples of 16 bits (something like 64 or 256). Because of the way
the IP checksum works, two such errors in the same packet cancel out
and go undetected.
I was once on the receiving end of such packets, and I can tell you
it's not a fun thing to debug. 8-(
|