[Openswan dev] NAT-keepalive packet and UDP checksum
markryde at gmail.com
Fri Oct 22 01:58:53 EDT 2010
I had made some tests with OpenSwan when the clients were behind a
nat, using nat-traversal and UDP encapsulation.
There are NAT-keepalive packets sent from OpenSwan clients on UDP port 4500.
I saw in the sniffer that the UDP checksum is not zero.
This is in contradiction to the RFC 3948,
"the IPv4 UDP Checksum SHOULD be transmitted as a zero value, and
receivers MUST NOT depend upon the UDP checksum being a zero value"
More information about the Dev