Hi Michael, OK, I'll add the UDP length field to the partial checksum in the next version. Tom P. > -----Original Message----- > From: Michael Welzl [mailto:michawe@xxxxxxxxxx] > Sent: Friday, November 20, 2009 10:51 AM > To: Phelan, Tom > Cc: Pasi Sarolahti; DCCP working group > Subject: Re: Soliciting input on UDP encapsulation for DCCP > > Hi! > > > >> but I think that the partial checksum extension header should also > >> include > >> the UDP header, because it is applied when the UDP header > >> checksum is zero - which means that there is no other ckecksum > >> applied > >> on the UDP header... DCCP could, and probably should, make up for > > that. > >> > > [Tom P.] This is a good point (and the first time it's been brought up > > to my knowledge). There are problems however. The UDP header (ports, > > at least) may have been changed by a NAPT in the path, which would > > invalidate the partial checksum in the DCCP header (if it included the > > UDP header). > > > > A possible workaround to this would be to include only the UDP length > > field in the DCCP partial checksum (we know that the checksum field is > > zero so there's no need to include that). This would give at least > > protection for the UDP fields that shouldn't be changed in the > > network. > > > > Does that work for you? > > yes... without port numbers that doesn't help much though, i guess, > but it's probably better than nothing > > > >> > > [Tom P.] So are you suggesting that we also define DCCP encapsulated > > in > > UDP-Lite? I'm not opposed to that, but I'm not sure I see much > > benefit > > for DCCP, as UDP-Lite has the same NAT traversal problems that DCCP > > has. > > yes, i was suggesting that. it should be easy to do, but you got me > convinced, i think it's probably pointless > > cheers > michael
