Hi My DNS server is available via a wireguard interface. Because of many requests I did a tcpdump on the traffic and found messages like.
14:05:34.881307 IP (tos 0x0, ttl 63, id 33826, offset 0, flags [DF], proto UDP (17), length 54) 10.99.97.15.53628 > 10.99.97.17.domain: [bad udp cksum 0xd719 -> 0x6360!] 8446+ A? postgres. (26) I could turn that messages off with turning off check validation on the interface ethtool -K wg0 tx off rx off Actual changes: rx-checksumming: off tx-checksumming: off tx-checksum-ip-generic: off The tcpdump traffic looks now like this 14:08:36.494987 IP (tos 0x0, ttl 63, id 61627, offset 0, flags [DF], proto UDP (17), length 54) 10.99.97.15.40185 > 10.99.97.17.domain: [udp sum ok] 1324+ A? postgres. (26) I want to know if the behavior described above with the checksum errors is to be expected? Or is it necessary to turn those checks off on all the interfaces? BR ybaumy
_______________________________________________ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard
