[Openswan Users] 2.4.5 klips mtu issue

Matthias Haas matthias at pompase.net
Fri Apr 14 17:53:57 CEST 2006

Hello Paul,
I already found that piece of code. It is positioned where checksum for the 
udp packet is recalculated at ipsec_rcv.c at line 929. This caluclates the 
wrong checksum. As udp also allows 0 checksum I did a test by simply setting 
the checksum to 0 and it all worked automagically :-).
But this is only a dirty hack.
I am currently working on that issue to get a correct checksum.
As this has somehing to do with NATT and Transport-mode this could also affect 
tcp packages which are handled a little bit above. But this should have 
happend more often as it is not related to l2tp. Therefore I have a look at 
it too adn if you do not mind I might try to fix it. :-)


Am Donnerstag, 13. April 2006 17:47 schrieb Paul Wouters:
> On Thu, 13 Apr 2006, Matthias Haas wrote:
> > Will this patch be applied to one of the next xl2tpd versions?
> Something similar, so that there will be a configure option for it, yes.
> > By the way did anyone test the natted l2tp server patch with kernel 2.4.
> > I always get wrong udp checksums for the carrying udp packets to port
> > 1701.
> This bug has been reported to us. We're making a testcase and then we will
> fix the bug. It should be in 2.4.6.
> Paul

More information about the Users mailing list