Re: Checksum at IP layer - is it even needed ?

Alexey Eromenko <al4321@xxxxxxxxx> · Tue, 15 Dec 2015 15:54:39 +0200

Look, if IPv6 had a 32-bit checksum,  it would increase their header by yet another 4 bytes.  To a monster of 44 bytes.
This is a tradeoff - add those 4 bytes or let upper layer cover that one for you...

And assume what-if IPFF has those 4 bytes covered. Should it also cover "Hops" aka TTL, or not? Should it also cover data or not ?
And this will not prevent device mangling (moving to NAT devices this time), instead of Ethernet switches.
On Dec 15, 2015 3:26 PM,  <lloyd.wood@xxxxxxxxxxx> wrote:
Stewart,

we've recently had much discussion of this in tsvwg. (And
Fletcher isn't that good...)

My working theory with hindsight is that, in many ways,
IPv6 embodies the worst of all possible choices.

Lloyd Wood
 lloyd.wood@xxxxxxxxxxx
 http://about.me/lloydwood 

 From: Stewart Bryant <stbryant@xxxxxxxxx>
 To: lloyd.wood@xxxxxxxxxxx; Christopher Morrow <morrowc.lists@xxxxxxxxx>; Alexey Eromenko <al4321@xxxxxxxxx> 
Cc: ietf <ietf@xxxxxxxx>; Jared Mauch <jared@xxxxxxxxxxxxxxx>
 Sent: Tuesday, 15 December 2015, 21:55
 Subject: Re: Checksum at IP layer - is it even needed ?

    Lloyd

      If that is a significant risk, then why did IPv6 not move

      to a better protection when it was changing the other things

      in the nw/xport interface? After all there were much

      better c/s - such as Fletcher - that were well known

      at the time?

      Stewart

      On 15/12/2015 00:32, lloyd.wood@xxxxxxxxxxx wrote:

        > If the
            content is not understood by anyone except the intended
            endpoint 

          > the
            occasional misdelivery is surely of no consequence.

        There's still a risk
            of port pollution (IPv4) or destination pollution (IPv6)
        from
            misdeliveries without checksums.

        not
            understood != not handled and pushed up the stack. 

        Lloyd
          Wood lloyd.wood@xxxxxxxxxxx http://about.me/lloydwood 

 From: Stewart
                Bryant <stbryant@xxxxxxxxx>

                To:
                Christopher Morrow <morrowc.lists@xxxxxxxxx>;
                Alexey Eromenko <al4321@xxxxxxxxx> 

                Cc: ietf
                <ietf@xxxxxxxx>; Jared Mauch
                <jared@xxxxxxxxxxxxxxx>

                Sent:
                Tuesday, 15 December 2015, 10:04

                Subject:
                Re: Checksum at IP layer - is it even needed ?

              On 14/12/2015 21:55, Christopher Morrow wrote:

                > I suppose: "Why are we trying to solve this in
                tcp/udp? why not solve 

                > this at the application layer with TLS?" . 

              Yes, I was wondering about this.

              If the content is not understood by anyone except the
              intended endpoint 

              the occasional misdelivery is surely of no consequence.

              Stewart

    -- 
For corporate legal information go to:

http://www.cisco.com/web/about/doing_business/legal/cri/index.html