> > What happened to being conservative with what we send and permissive > with what we receive? > > > > It seems that the direct application should be: > > > > 1) Be conservative: hosts should not send UDP packets with null > checksums. > > 2) Permissive: gateways who receive UDP packets with null checksum > should compute a checksum based on the received bytes, and then forward > the packet. > > > > I understand there may be resource limits on gateways, and that the > UDP checksum compute requirement might throw the packet back to some > kind of slow path, with potential packet loss due to congestion. But > that's way better than a black hole. > > The problem is *fragmented* IPv4 UDP packets with zero checksum; the > translator would have to reassemble them.
The fragmentation issue is different from the zero-checksum issue. Many IPv4 NAT drop fragmented packets already. They rely on port numbers to find the mappings, fragments don't carry port numbers, so fragments get dropped. Application developers ought to know by now that sending large UDP packets over IPv4 is problematic. -- Christian Huitema -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------