Checksum is an error-checking mechanism that uses a byte or sequence of bytes inserted in the packet to implement a frame verification algorithm. The principle of error-checking algorithms is to calculate a formula over the entire message (layer 4), packet (layer 3), or frame (layer 2). They insert the result in the bytes inside the packet, and when the packet arrives at the destination, they calculate it again. If we get the same result, it is a good packet, and if not, there is an error. The error-checking mechanism can be calculated over the entire packet or over just the header; it depends on the protocol.

Offload mechanisms are mechanisms on which the IP, TCP, and UDP checksums are calculated on the NIC just before they are transmitted to the wire. In Wireshark, these show up as error packets, because Wireshark captures packets before they are sent to the network adapter; therefore it will not see the correct checksum, as it has not been calculated yet.

For this reason, even though it might look like severe errors, in many cases checksum errors are Wireshark errors of misconfiguration. If you see many checksum errors on packets that are sent from your PC, it is probably because of the offload.

For canceling the checksum validation:

• For IPv4, when you see many checksum errors and you are sure they are due to the offload, go to Edit | Preferences, and under Protocols | IPv4, unmark the radio button: Validate the IPv4 checksum if possible
• For TCP, when you see many checksum errors and you are sure they are due to the offload, go to Edit | Preferences, and under Protocols | TCP, unmark the radio button: Validate the TCP checksum if possible