Re: The TCP and UDP checksum algorithm may soon need updating

Michael Richardson <mcr+ietf@sandelman.ca> Mon, 08 June 2020 00:59 UTC

Return-Path: <mcr+ietf@sandelman.ca>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4C8BD3A0864 for <ietf@ietfa.amsl.com>; Sun, 7 Jun 2020 17:59:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vwQLvTYCCuL6 for <ietf@ietfa.amsl.com>; Sun, 7 Jun 2020 17:59:36 -0700 (PDT)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [209.87.249.19]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6B79B3A0863 for <ietf@ietf.org>; Sun, 7 Jun 2020 17:59:36 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by tuna.sandelman.ca (Postfix) with ESMTP id 7F085389B6; Sun, 7 Jun 2020 20:57:07 -0400 (EDT)
Received: from tuna.sandelman.ca ([127.0.0.1]) by localhost (localhost [127.0.0.1]) (amavisd-new, port 10024) with LMTP id d9QNVMXtc4DL; Sun, 7 Jun 2020 20:57:05 -0400 (EDT)
Received: from sandelman.ca (obiwan.sandelman.ca [209.87.249.21]) by tuna.sandelman.ca (Postfix) with ESMTP id 6BF01389A2; Sun, 7 Jun 2020 20:57:05 -0400 (EDT)
Received: from localhost (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id 3CFE5213; Sun, 7 Jun 2020 20:59:32 -0400 (EDT)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: Craig Partridge <craig@tereschau.net>, IETF discussion list <ietf@ietf.org>
Subject: Re: The TCP and UDP checksum algorithm may soon need updating
In-Reply-To: <CAHQj4CdopwpEfyuOVO3ZywTKveQMpnt_WPh_JDRydgNKHVVmhw@mail.gmail.com>
References: <CAHQj4Cf_vgXYEL=x4DCEnpwNxZpJQSD-h6MWmhMWpYwPF9XFow@mail.gmail.com> <0D18B54B-2865-4A3C-813B-595EA17F6D8B@gmail.com> <32750.1591376396@localhost> <CAHQj4CdopwpEfyuOVO3ZywTKveQMpnt_WPh_JDRydgNKHVVmhw@mail.gmail.com>
X-Mailer: MH-E 8.6+git; nmh 1.7+dev; GNU Emacs 26.1
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha512"; protocol="application/pgp-signature"
Date: Sun, 07 Jun 2020 20:59:32 -0400
Message-ID: <3091.1591577972@localhost>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/qI8bAb1ptLBuQqQccZLbkdruxy8>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Jun 2020 00:59:38 -0000

Thank you for these references. 1 in 121. wow.

Craig Partridge <craig@tereschau.net> wrote:
    > Anecdotally, folks are reporting some middlebox vendors are not
    > updating the TCP checksum but rather letting the outbound interface
    > simply recompute the entire checksum -- which means that if the TCP
    > segment gets damaged during middlebox handling, the middlebox will slap
    > a valid checksum on bad data.

Seems like an argument for anyone dealing with large data transfers to
consider IPv4 End of Life.  IPv6 is here... Use it.

(I'd wish that this also meant using IPsec AH, which we could probably
do with IPv6, but we never got useful APIs.  Insert Sad-Poo Emoji)


--
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-