I was recently asked if OARC had any data on the percentage of DNS queries with bad or disabled UDP checksums. After a few days of crunching through the DITL 2009 data, I have the following results:
Data ProviderMatchedMismatchDisabled
afilias 99.02 0.85 0.12
apnic 99.89 0.01 0.10
arin 99.92 0.02 0.07
arl 99.28 0.62 0.10
as112-gf 99.91 0.00 0.09
cogent 52.30 47.66 0.04
cznic 73.50 26.40 0.10
icann 99.52 0.36 0.12
iis 97.58 2.36 0.06
isc 96.73 3.14 0.13
lacnic 99.79 0.01 0.19
namex 100.00 0.00 0.00
nasa 99.34 0.57 0.09
nethelp 99.90 0.06 0.05
niccl 53.94 46.01 0.04
nixcz 99.82 0.18 0.00
nominet 99.80 0.04 0.15
pktpush 69.29 26.04 4.67
regbr 98.30 1.48 0.22
ripe 98.81 1.07 0.12
switch 99.91 0.01 0.08
tix-or-tz 100.00 0.00 0.00
uninett 99.91 0.01 0.08
verisign 99.03 0.92 0.05
wide 99.58 0.36 0.06
Obviously, its interesting that most of the traces show 99% matching checksums, but a few have close to 25% or 50% with mismatches. I'm likely to suspect some kind of "middle boxes" (load balancers?) at play here, but have not yet investigated further.

Update

Mauricio from NIC Chile reports that most of their bad UDP checksums are from replies they send out. They have some Dell hardware running Linux. The Linux installation doesn't support certain NIC hardware features, such as checksum calculations. Hardware checksumming can be disabled with this command:
# ethtool --offload ethXX tx off