IETF Logo Mail Archive

RE: [tsvwg] Milestones changed for tsvwg WG

jnc@mercury.lcs.mit.edu (Noel Chiappa) Wed, 08 January 2014 23:32 UTC

Return-Path: <jnc@mercury.lcs.mit.edu>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B58B01ADBCE; Wed, 8 Jan 2014 15:32:47 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.738
X-Spam-Level:
X-Spam-Status: No, score=-4.738 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.538] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id A_402t1afOl9; Wed, 8 Jan 2014 15:32:45 -0800 (PST)
Received: from mercury.lcs.mit.edu (mercury.lcs.mit.edu [18.26.0.122]) by ietfa.amsl.com (Postfix) with ESMTP id AA4201ADBCD; Wed, 8 Jan 2014 15:32:45 -0800 (PST)
Received: by mercury.lcs.mit.edu (Postfix, from userid 11178) id 1651018C15B; Wed, 8 Jan 2014 18:32:36 -0500 (EST)
To: ietf@ietf.org, lisp@ietf.org, tsvwg@ietf.org
Subject: RE: [tsvwg] Milestones changed for tsvwg WG
Message-Id: <20140108233236.1651018C15B@mercury.lcs.mit.edu>
Date: Wed, 08 Jan 2014 18:32:36 -0500
From: jnc@mercury.lcs.mit.edu
Cc: jnc@mercury.lcs.mit.edu
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Jan 2014 23:32:47 -0000

    > From: <l.wood@surrey.ac.uk>

    > from http://tools.ietf.org/html/draft-ietf-lisp-introduction-03
    >
    >   The UDP checksum is zero because the inner packet usually already has
    >   a end-end checksum, and the outer checksum adds no value.  [Saltzer]

    > (That's a misreading of Saltzer - the UDP checksum is also protecting
    > against misdelivery and pseudoheader corruption

If the content above the UDP header in this case were that of some sort of
application, you'd be right.

But it's not.

The UDP, outer and inner IP headers of LISP _together_ are effectively a
layer three header ('get the packet from the source host to the destination
host - and that's all, ffffolks - no reliability of any kind'). So the fact
that it's not providing protection against misdelivery is... _exactly_ like
the service that bare IPvN provides.

In fact, since IPv6 doesn't even _have_ a header checksum, UDP in LISP is
doing exactly what IPv6 does. Are you now claiming that IPv6 is fundamentally
defective because it doesn't have a header checksum to guard against packet
mis-delivery?

    > and 'usually' is not a good defence

To say it at slightly greater length, 'the inner packet _either_ already has
an end-end checksum (the usual case), in which case adding another one is of
little or no value, _or_ the sender deliverately sent their packet _without_
an end-end checksum, in which case they are _no worse off_ than they were
before the packet was encapsulated'.

It's not the internetwork layer's job to second-guess the users; we can assume
that if someone sent a packet without an end-end checksum, they must have
worked out that for whatever they are doing, it's OK to leave it out.


Note that I am solely answering regarding the omission of UDP checksums when
UDP is used as part of the internetworking layer, for encapsulating traffic.
I have not considered, and make no statement about, use of zero checksums
in other ways/places.

	Noel

v2.23.0 | Report a Bug | By Email