> > [18:45:09.393548 (authentic,confidential): SPI 0xf0ded495: 185.165.169.74 > > 188.194.145.145: 10.0.4.2.15461 > 10.0.1.50.10025: S [tcp sum ok] > 942633060:942633060(0) win 16384 <mss 65496,nop,nop,sackOK,nop,wscale > 6,nop,nop,timestamp 97396526 0> (DF) (ttl 64, id 49904, len 64) (ttl 52, id > 19763, len 84) > 18:45:09.393583 (authentic,confidential): SPI 0x9aa6e013: 188.194.145.145 > > 185.165.169.74: 10.0.4.2.15461 > 10.0.1.50.10025: S [tcp sum ok] > 942633060:942633060(0) win 16384 <mss 1440,nop,nop,sackOK,nop,wscale > 6,nop,nop,timestamp 97396526 0> (ttl 63, id 51282, len 64) (ttl 64, id > 2434, len 84, bad ip cksum 0! -> bfe0) >
Isn't "0" for checksum a typical sign of "the outgoing IP queue did not run checksum in software because the network driver has hardware-offloading for it" and tcpdump can never see that? See if you can grab the same packet from both sides and see if it's correct when it arrives. -- May the most significant bit of your life be positive.
