Re: [Rtg-dt-encap-considerations] draft-rtg-dt-encap-02 for review

"Larry Kreeger (kreeger)" <> Wed, 20 May 2015 22:34 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id F3C7E1AC3A0 for <>; Wed, 20 May 2015 15:34:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -14.511
X-Spam-Status: No, score=-14.511 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id DKN6wQ-yCoB0 for <>; Wed, 20 May 2015 15:34:58 -0700 (PDT)
Received: from ( []) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 230CE1ABD3B for <>; Wed, 20 May 2015 15:34:58 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;;; l=2012; q=dns/txt; s=iport; t=1432161298; x=1433370898; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=RKAIesyWmUV6S8uYMUgT7Eg/vUE+k1MKuF+kI2NzmI0=; b=ULhFr6bTY7y1cSB/jcGiixKuTizsochoVi5j3DIt74+tjRkvoGIvo0RX hIEGXI5vRw2urp5Niao7J1HsRq0sDTPL6IC5g+HJGzY0t3FeQG7fsOc4P uE8xtHcj9et9x7aGHX59oYr1z3HL2zRf/12NAqjhEe9mFa/Lv8/Ir/294 I=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-AV: E=Sophos;i="5.13,466,1427760000"; d="scan'208";a="579033"
Received: from ([]) by with ESMTP; 20 May 2015 22:34:57 +0000
Received: from ( []) by (8.14.5/8.14.5) with ESMTP id t4KMYvf7010638 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Wed, 20 May 2015 22:34:57 GMT
Received: from ([]) by ([]) with mapi id 14.03.0195.001; Wed, 20 May 2015 17:34:57 -0500
From: "Larry Kreeger (kreeger)" <>
To: Tom Herbert <>, Erik Nordmark <>
Thread-Topic: [Rtg-dt-encap-considerations] draft-rtg-dt-encap-02 for review
Thread-Index: AQHQjm/4os07u12chEOyOvSlkY94M52EMU2AgAE2IYCAAGgAgP//jJ0A
Date: Wed, 20 May 2015 22:34:56 +0000
Message-ID: <>
References: <> <> <> <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
user-agent: Microsoft-MacOutlook/
x-originating-ip: []
Content-Type: text/plain; charset="us-ascii"
Content-ID: <>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <>
Cc: "" <>
Subject: Re: [Rtg-dt-encap-considerations] draft-rtg-dt-encap-02 for review
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Routing Area Design Team on Encapsulation Considerations discussion list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 20 May 2015 22:35:00 -0000

Hi Tom,

Why do you see it as a problem for a device that can't support UDP
checksum checking to ignore the non-zero checksum rather than requiring
the sender to explicitly set the checksum to zero.  The biggest problem I
see with requiring dropping of non-zero checksum is when multicast is
being used in the underlay because packets may be delivered to tunnel
endpoints where some can check the checksum and some cannot.  It also
means that every encapsulator must know the capability of the receiver.

 - Larry

On 5/20/15 3:28 PM, "Tom Herbert" <> wrote:

>>> Would change "Avoid full packet checksums in encapsulation if
>>> possible" to "Avoid full packet checksums in cases where necessary
>>> devices cannot support them"
>> I don't know what others think, but that seems to be confusing. It
>>seems to
>> imply that some devices are sub-standard and can be fixed, when in fact
>> is impossible to do a full packet checksum, where the checksum is
>>placed in
>> the header, in a low-latency cut-through device.
>Note this only applies to devices terminating encapsulation, not to
>other middleboxes or switches in the underlay path. Also, w.r.t. UDP
>encapsulation we already have several protocols that provide the
>answer: UDP checksums on TX are optional for IPv4 and optional for
>IPv6 only under the requirements of RFC6935 and RFC6936. This allows
>for hardware that does not support UDP checksum to be deployed, but
>hopefully with awareness by an administrator as to the tradeoffs of
>disabling checksums. There are no provisions to ignore checksums on
>receive, so if a device does not support UDP checksums sees a non-zero
>checksum it should drop the packet (IMO VXLAN allowing RX checksums to
>be ignored is not correct).
>Rtg-dt-encap-considerations mailing list