Hi Andrew, Oops! You're right. I was thinking it was OK because the NAT wouldn't modify a 0 checksum, but I forgot about NAPT. Thanks. Tom P. > -----Original Message----- > From: Andrew McDonald [mailto:andrew.mcdonald@xxxxxxxxxx] > Sent: Tuesday, February 19, 2008 7:04 AM > To: Phelan, Tom > Cc: DCCP mailing list > Subject: Re: UDP checksum in phelan-dccp-natencap-00 > > Tom, > > Phelan, Tom wrote: > > So I suggest the next version of DCCP-NAT should say something like > > this: There are two versions of the DCCP-NAT generic header. When the > > UDP Checksum field is non-zero, the DCCP-NAT generic header is as > > described in the current draft. The UDP Checksum covers the entire > > datagram and there is no DCCP checksum. When the UDP Checksum is 0, the > > DCCP-NAT generic header is extended by four bytes to encode the DCCP-NAT > > checksum and checksum coverage length. The DCCP-NAT checksum covers the > > 8-byte UDP header, the entire DCCP-NAT header (including type-specific > > fields and options) and however much of the user data that is indicated > > by the checksum coverage value. > > > > There are more details that will be needed in the next draft, but this > > is the general outline. Does this work for you? > > Doesn't this definition of the DCCP-NAT checksum break the NAT- > friendliness? > > Assuming the NAT is modifying the UDP ports being used, if the DCCP-NAT > checksum covers the UDP header, then it will be broken by the > modification made by the NAT. > > regards, > > Andrew
