On Wed, Aug 5, 2009 at 3:32 PM, Margaret Wasserman<m...@sandstorm.net> wrote: > > On Aug 5, 2009, at 2:54 PM, Christopher Morrow wrote: >> >> What was the original reason for removing the ability to do zero >> checksums on udp in v6? Are we sure that that decision is still >> sensible/appropriate in today's internet/world? > > I have not been around long enough to have been there when that decision was > made. However, it has been revisited several times, so I've heard the > re-hashed reasons... > > The removal of the IPv6 header checksum was done so that routers would not > have to updated it on a hop-by-hop basis when they changed the IP TTL. > Also, the IP header checksum calculation was seen as redundant for most > traffic (TCP and UDP with checksums enabled), and people wanted to avoid the > extra processing.
The 'extra processing' is done today in v4 though, right? and apparently not a huge problem for routers even at line-rate 10/40G? > However, there was concern that the removal of the IP header checksum in > IPv6 would lessen the protection of the source/destination IP addresses and > result in a significant (a multiplier of ~32,000) increase in the number of > times that a UDP packet was accidentally delivered to the wrong destination > address and/or apparently sourced from the wrong source address when UDP > checksums were set to zero -- at the time there were vendors who shipped > their IP stacks with UDP checksums turned off by default. There was concern > that this would result in misdelivery of data to UDP applications (dropped Does this happen today with any appreciable frequency? (on packets without udp checksum, say that come from edonkey/emule or other sources of zero/no checksum on udp) > connections or even corrupted data -- we all saw this when NFS data was > corrupted on the wire), in replies sent to nodes that didn't send a request > (perhaps interrupting valid exchanges), and/or in ICMP errors sent to nodes > that didn't send the packet that generated the error (perhaps resulting in > dropped communications or unintelligible user errors). This I don't recall at all... I think part of my question is we (as a group) are assuming that the reasons for requiring ipv6 udp checksums as stated +10 years ago are still valid, I don't see data supporting that fact. -Chris > The solution for this concern was to mandate UDP checksums for IPv6, so that > the IP source and destination addresses would be protected by the UDP > pseudo-header checksum. > > There might be other solutions that we could implement in LISP that would > eliminate these concerns, as well. -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
