Re: wg(4): encapsulated transport checksums

2020-06-30 Thread Matt Dunwoodie
On Tue, 30 Jun 2020 20:40:10 -0600 "Theo de Raadt" wrote: > Matt Dunwoodie wrote: > > > Depends on your definition of significant, I've seen 1-3% throughput > > improvement without the patch. > > > Real networks require statistics, which you want to throw away. > > > Overall, it is still

Re: wg(4): encapsulated transport checksums

2020-06-30 Thread Theo de Raadt
Matt Dunwoodie wrote: > Depends on your definition of significant, I've seen 1-3% throughput > improvement without the patch. > Real networks require statistics, which you want to throw away. > Overall, it is still debatable whether to skip the IPv4 checksum as > modern crypto certainly offers

Re: wg(4): encapsulated transport checksums

2020-06-30 Thread Matt Dunwoodie
On Tue, 30 Jun 2020 09:22:18 +1200 (NZST) richard.n.proc...@gmail.com wrote: > Hi Jason, > > On 27/06/2020, at 10:09 PM, Jason A. Donenfeld > wrote: > > [...] I thought I'd lay out my understanding of the matter, > > and you can let me know whether or not this corresponds with what > > you had

Re: wg(4): encapsulated transport checksums

2020-06-30 Thread Claudio Jeker
On Tue, Jun 30, 2020 at 09:22:18AM +1200, richard.n.proc...@gmail.com wrote: > Hi Jason, > > On 27/06/2020, at 10:09 PM, Jason A. Donenfeld wrote: > > [...] I thought I'd lay out my understanding of the matter, > > and you can let me know whether or not this corresponds with what you > > had

Re: wg(4): encapsulated transport checksums

2020-06-29 Thread richard . n . procter
Hi Jason, On 27/06/2020, at 10:09 PM, Jason A. Donenfeld wrote: > [...] I thought I'd lay out my understanding of the matter, > and you can let me know whether or not this corresponds with what you > had in mind: > [...] My main concern is the end-to-end TCP or UDP transport checksum of the

Re: wg(4): encapsulated transport checksums

2020-06-27 Thread Theo de Raadt
> - Therefore, it's not necessary to check the IP checksum on ingress because:

There is actually a really good reason. There are various counters (of all packets) which people observe to debug network problems. Now, if lower-level packets carrying wg with corruption don't increment those

Re: wg(4): encapsulated transport checksums

2020-06-27 Thread Jason A. Donenfeld
Hi Richard,

Thanks for the patch. I had problems parsing some terminology in your description, so I thought I'd lay out my understanding of the matter, and you can let me know whether or not this corresponds with what you had in mind:

- On egress, we must compute the packet checksum, because it