[Openswan dev] A question about NAT-OA

Paul Wouters paul at xelerance.com
Mon Nov 29 11:41:12 EST 2010


On Sun, 28 Nov 2010, Kevin Wilson wrote:

> Hello,
>  I saw that when working in transport mode and
> using NAT-traversal, you should send in the two first Quick mode IKE message
> the OA (original address) of one side. This should be received by the
> other side and used for checksum calculation (since the original address
> was changed by a NAT).
>
> My question is: where is this checksum calculation done ? is it done
> in the kernel ? I tried for hours to find where is the Linux kernel
> stack this is done, and I could not find anything.
>
> I would appreciate if somebody can point me.

I guess the UDP 4500 packet checksum is dealth with in the regular udp.c
code? the ESP payload will be checked to validate, but I am not sure if
there is any further checksum checking.

Paul


More information about the Dev mailing list