Hi all, I have concerns regarding the way in which the checksum for VRRPv3 messages is defined in RFC 5798<https://tools.ietf.org/html/rfc5798>. The corresponding text in Section 5.2.8 goes as following:
The checksum is the 16-bit one's complement of the one's complement sum of the entire VRRP message starting with the version field and a "pseudo-header" as defined in Section 8.1 of [RFC2460]<https://tools.ietf.org/html/rfc2460#section-8.1>. The next header field in the "pseudo-header" should be set to 112 (decimal) for VRRP. For computing the checksum, the checksum field is set to zero. See RFC1071<https://tools.ietf.org/html/rfc1071> for more detail [RFC1071<https://tools.ietf.org/html/rfc1071>]. My concern with this text that its definition of the pseudo-header refers to Section 8.1 of RFC 2460 "IPv6 Specification". What's more, the referenced Section 8.1 "Upper-Layer Checksums" begins with the following text: Any transport or other upper-layer protocol that includes the addresses from the IP header in its checksum computation must be modified for use over IPv6, to include the 128-bit IPv6 addresses instead of 32-bit IPv4 addresses. To me this means that the checksum definition in RFC 5798 is unambiguous when VRRPv3 is used over IPv6, but becomes problematic if VRRPv3 is used over IPv4: 1. The referenced definition of the pseudo-header is IPv6-specific 2. VRRPv2 as defined in RFC 3768<https://www.ietf.org/rfc/rfc3768.txt> does not include pseudo-header in its checksum definition, so the modification mentioned in the quoted fragment from Section 8.1 of RFC 2460 does not seem to directly apply. I am aware of at least one widely deployed implementation of VRRPv3 for IPv4 that does not include the pseudo-header in its checksum computation. At the same time I am also aware of other implementations that include pseudo-header in the VRRPv3 checksum when it runs over IPv4. Needless to say, such implementations are not interoperable. This looks to me as an indication of validity of my concerns. I wonder if this issue deserves an erratum. Your feedback would be highly appreciated. Regards, Sasha Office: +972-39266302 Cell: +972-549266302 Email: [email protected]
_______________________________________________ rtgwg mailing list [email protected] https://www.ietf.org/mailman/listinfo/rtgwg
