Partial checksum support in DCCP_NAT

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



[Subject changed to focus on sub-thread]

Hi Michael,

I've been thinking about a slight variation of option 3 below for
dealing with partial checksums.  Note that the intent of option 3 was
_not_ IP/UDP/UDP-Lite/DCCP as was mentioned in another thread.  That
just creates a turtles-all-the-way-down problem -- you still have the
top-level UDP checksum to work around.  The intent of option 3 is to
make UDP-Lite changes to UDP.  Basically, just redefine the UDP length
field to the semantics of the checksum coverage field in UDP-Lite.

The variation I'm thinking of is to say this -- when a UDP port is
offering the DCCP_NAT service, the length field is redefined to checksum
coverage.  To use DCCP partial checksum, set the (redefined) length
field to the portion of the datagram that needs protection, as
negotiated via the DCCP Partial Checksum feature.  This might get around
the giant can of worms that redefining the length field everywhere would
open.

I'm not sure what setting the length field to less than the total packet
size would do to existing end system and NAT implementations.  Looking
at the Linux code, UDP and UDP-Lite are integrated, so it doesn't barf
on UDP length less than packet length, but it looks like you can't use
the socket option to accept less checksum coverage unless it's a
UDP-Lite socket.

But I don't think it matters if end systems and NATs need to be upgraded
to support this, since links already need to be upgraded to understand
partial checksums.

Opinions?

Tom P.

> -----Original Message-----
> From: Michael Welzl [mailto:michawe@xxxxxxxxxx]
> Sent: Friday, November 20, 2009 11:59 AM
> To: Phelan, Tom
> Cc: gorry@xxxxxxxxxxxxxx; DCCP working group
> Subject: Re:  Soliciting input on UDP encapsulation for DCCP
> 
> > 3) Define UDP-Lite-in-UDP, then DCCP partial checksum becomes use
> > UDP-Lite and ensure that the DCCP header is covered.  I can imagine
> > that
> > this would open quite the can of worms :-).
> 
> Haha, I love that idea!
> 
> But seriously, I do, it's a good one I think!
> 
> Cheers,
> Michael



[Index of Archives]     [Linux Kernel Development]     [Linux DCCP]     [IETF Annouce]     [Linux Networking]     [Git]     [Security]     [Linux Assembly]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [DDR & Rambus]

  Powered by Linux