Re: Soliciting input on UDP encapsulation for DCCP

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Michael,

Thanks for the comments.  See inline...

Tom P.

[snipped]
> > In addition, please speak up if you have other technical comments
> > about the draft.
> 
> I hope I'm not re-iterating an old discussion here, and apologize if I
> am -
> but I think that the partial checksum extension header should also
> include
> the UDP header, because it is applied when the UDP header
> checksum is zero - which means that there is no other ckecksum applied
> on the UDP header... DCCP could, and probably should, make up for
that.
> 
[Tom P.] This is a good point (and the first time it's been brought up
to my knowledge).  There are problems however.  The UDP header (ports,
at least) may have been changed by a NAPT in the path, which would
invalidate the partial checksum in the DCCP header (if it included the
UDP header).

A possible workaround to this would be to include only the UDP length
field in the DCCP partial checksum (we know that the checksum field is
zero so there's no need to include that).  This would give at least
protection for the UDP fields that shouldn't be changed in the network.

Does that work for you?

> I think it would also make sense to define usage of UDP-Lite,
especially
> when the DCCP checksum stuff is used
> 
[Tom P.] So are you suggesting that we also define DCCP encapsulated in
UDP-Lite?  I'm not opposed to that, but I'm not sure I see much benefit
for DCCP, as UDP-Lite has the same NAT traversal problems that DCCP has.

> Cheers,
> Michael



[Index of Archives]     [Linux Kernel Development]     [Linux DCCP]     [IETF Annouce]     [Linux Networking]     [Git]     [Security]     [Linux Assembly]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [DDR & Rambus]

  Powered by Linux