On Aug 5, 2009, at 2:54 PM, Christopher Morrow wrote:
What was the original reason for removing the ability to do zero checksums on udp in v6? Are we sure that that decision is still sensible/appropriate in today's internet/world?
I have not been around long enough to have been there when that decision was made. However, it has been revisited several times, so I've heard the re-hashed reasons...
The removal of the IPv6 header checksum was done so that routers would not have to updated it on a hop-by-hop basis when they changed the IP TTL. Also, the IP header checksum calculation was seen as redundant for most traffic (TCP and UDP with checksums enabled), and people wanted to avoid the extra processing.
However, there was concern that the removal of the IP header checksum in IPv6 would lessen the protection of the source/destination IP addresses and result in a significant (a multiplier of ~32,000) increase in the number of times that a UDP packet was accidentally delivered to the wrong destination address and/or apparently sourced from the wrong source address when UDP checksums were set to zero -- at the time there were vendors who shipped their IP stacks with UDP checksums turned off by default. There was concern that this would result in misdelivery of data to UDP applications (dropped connections or even corrupted data -- we all saw this when NFS data was corrupted on the wire), in replies sent to nodes that didn't send a request (perhaps interrupting valid exchanges), and/or in ICMP errors sent to nodes that didn't send the packet that generated the error (perhaps resulting in dropped communications or unintelligible user errors).
The solution for this concern was to mandate UDP checksums for IPv6, so that the IP source and destination addresses would be protected by the UDP pseudo-header checksum.
There might be other solutions that we could implement in LISP that would eliminate these concerns, as well.
Margaret -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
