> From: Lars Eggert <lars.egg...@nokia.com>
> if a transport protocol is used for tunneling IP inside its payload, it
> no longer strictly needs to checksum-protect its payload *if* you
> require for the inner IP packet and its payload to be protected by some
> sort of checksum.
Yes, exactly. Inside a LISP user-data packet, you will find one of two things:
- An IPv4 packet, in which case that packet is protected against mis-delivery
by its IP header checksum. (The payload in the user's packet may not be
protected by a checksum, but IPv4 allows applications to make this choice.)
- An IPv6 packet, in which case that packet is protected against mis-delivery
and damage by its header+payload checksum.
There are no other cases.
The UDP checksum in the outer header on LISP user-data does nothing, is
expensive/impossible to compute (depending on the hardware), and therefore the
correct practical engineering choice is to not compute it.
> Nobody is going to implement a check that verifies that if a UDP
> checksum of zero is encountered, that the payload of this UDP packet
> contains an IP packet that has a payload that is protected by some
> checksum. It's just too complicated.
You don't need to. There cannot be anything in an LISP user-data packet
_except_ an IP packet of some sort (see above).
Noel
--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
