Re: [TERNLI] Forwarding corrupt packets

Gorry Fairhurst <> Mon, 04 September 2006 13:05 UTC

Received: from [] ( by with esmtp (Exim 4.43) id 1GKE8c-0005QJ-Ic; Mon, 04 Sep 2006 09:05:18 -0400
Received: from [] ( by with esmtp (Exim 4.43) id 1GKE8b-0005PG-Mo for; Mon, 04 Sep 2006 09:05:17 -0400
Received: from [2001:630:241:204:203:baff:fe9a:8c9b] ( by with esmtp (Exim 4.43) id 1GKE8a-00065W-8n for; Mon, 04 Sep 2006 09:05:17 -0400
Received: from [] ( []) by (8.13.4/8.13.4) with ESMTP id k84D570S018983; Mon, 4 Sep 2006 14:05:07 +0100 (BST)
Message-ID: <>
Date: Mon, 04 Sep 2006 14:05:08 +0100
From: Gorry Fairhurst <>
Organization: University of Aberdeen, UK
User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.7.2) Gecko/20040804 Netscape/7.2
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Michael Tuexen <>
Subject: Re: [TERNLI] Forwarding corrupt packets
References: <> <> <> <> <> <> <> <>
In-Reply-To: <>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
X-ERG-MailScanner: Found to be clean
X-Spam-Status: No
X-Spam-Score: -2.8 (--)
X-Scan-Signature: 0ddefe323dd869ab027dbfff7eff0465
Cc:, Joe Touch <touch@ISI.EDU>
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Transport-Enhancing Refinements to the Network Layer Interface <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>

So, I had missed this being discussed (sorry).

I'm quite confused about several things:

* In Section 3 it says:
    The SCTP endpoint can inform its peer that it has received an SCTP
    packet, but the CRC-32 was wrong.

I presume though that the receiver can somehow verfy that the original 
packet has been sent with a particular IP source, and protocol. How?

I'm curious also here how you know some details

* How do you find the process to respond to (since ports are not 
protected by an IP checksum)?

* How do you verify this isn't a third-party DoS attack, because 
presumably you can't rely on sequence numbers, ports, etc to help you?

* I think I could have missed it, but what is the mechanism by which an 
IP packet passes through the node and receives a treatment that leaves 
it with a corrupted CRC-32 at the transport layer, but some (reliable) 
understanding of the content (IP addresses, length, protocol, etc).

* If you return a message from a mid-box, how do you know that routers 
down-stream of the mid-box would have forwared this packet?


Michael Tuexen wrote:
> Dear all,
> for SCTP there is an ID
> which sends back a packet to the sender if the receiver detects a  
> transport
> layer checksum failure...
> Best regards
> Michael
> On Sep 4, 2006, at 9:59 AM, Michael Welzl wrote:
>>> The question is the impact of the bad packet.