Henning Brauer <lists-open...@bsws.de> wrote: > > This fundamentally weakens its usefulness, though: a correct > > checksum now implies only that the payload likely matches > > what the last NAT router happened to have in its memory, > > whereas the receiver wants to know whether what it got is > > what was originally transmitted. > > we receive a packet with correct cksum -> NAT -> packet goes out with > correct cksum. > we receive a packet with broken cksum -> NAT -> we leave the cksum > alone, i. e. leave it broken.
The point Richard may be trying to make is that a packet may be corrupted in memory on the NAT gateway (e.g. RAM error, buggy code writing into random location), and that regenerating the checksum hides such corruption. -- Christian "naddy" Weisgerber na...@mips.inka.de