> Again, it's not just me saying it: "...checksums are used by > higher layers to ensure that data was not corrupted in > intermediate routers or by the sending or receiving host. > The fact that checksums are typically the secondary level of > protection has often led to suggestions that checksums are > superfluous. Hard won experience, however, has shown that > checksums are necessary. Software errors (such as buffer > mismanagement) and even hardware errors (such as network > adapters with poor DMA hardware that sometimes fail to fully > DMA data) are surprisingly common [let alone memory faults! > RP] and checksums have been very useful in protecting > against such errors."[0]
Richard, your use of this quote is tantamount to declaring that Henning has disabled or otherwise gutted checksums. He has not disabled checksums. There was a method of converting an in-bound checksum, due to NAT conversion, into a new out-bound checksum. A process is required, it's how NAT works. A new method of version is being used. It is mathematically equivelant to the old method. The quote above is about disabling checksums. Checksums have not been disabled, in any way. New checksums are not being invented out of anyone's ass for old packets. I believe you are posting cast aspersions on the pf efforts. Your repeated attempts to false aspersion are only reflecting back on you.
