IP header checksum: 0x0000

networking header ip checksum traffic
My-Name-Is picture My-Name-Is · May 29, 2013 · Viewed 19.4k times · Source

I have a JAX-RS web service which is secured via TLS. Hence encryption is very important I decided to check the network traffic with RawCap and analyze it with WireShark. Doing this, I stumbled over the following message:

Header checksum: 0x0000 [incorrect, should be 0xac15 (may be caused by "IP checksum offload"?)]
  1. What is the reason for this message?
  2. Are there any further consequences?

I'm pretty sure that it isn't a problem with my RESTEasy client, because retrieving a ressource via FireFox causes the same message.

Answer

Eugen Rieck picture Eugen Rieck · May 29, 2013

This doesn't come from your application - it is caused by the TCP/IP stack. Many implementations do not (or not always) fill in the header checksum, leaving it a 0x0000.

As Wireshark indicated, one reason for this is, that some combinations of OS and NIC driver make the OS think, that the checksum will be filled in by the NIC (hardware-accelerated), but in fact it will be not.

This is not a real problem, as long as your transmission path is reliable. AFAIK it is not a security risk.

Related questions

Android AsyncHttpClient, unable to find symbol class Header

I'm trying to create asynchronous rest call in Android using a library com.loopj.android.http.AsyncHttpClient however, i'm unable to implement AsyncHttpResponseHandler's overridden methods because Android Studio cannot find an appropriate import for Header class How can I resolve …

Read More
How can you find out which process is listening on a port on Windows?

How can you find out which process is listening on a port on Windows?

Read More
How to get a list of all valid IP addresses in a local network?

Is there a way to get a list of all valid IP addresses in a local network? I mean all IP addresses that each user is using in the network.

Read More