Look, if IPv6 had a 32-bit checksum, it would increase their header by yet another 4 bytes. To a monster of 44 bytes.
This is a tradeoff - add those 4 bytes or let upper layer cover that one for you...
And assume what-if IPFF has those 4 bytes covered. Should it also cover "Hops" aka TTL, or not? Should it also cover data or not?
And this will not prevent device mangling (moving to NAT devices this time), instead of Ethernet switches.
On Dec 15, 2015 3:26 PM, <lloyd.wood@xxxxxxxxxxx> wrote:
Stewart,
we've recently had much discussion of this in tsvwg. (And Fletcher isn't that good...)
My working theory with hindsight is that, in many ways, IPv6 embodies the worst of all possible choices.
Lloyd Wood lloyd.wood@xxxxxxxxxxx http://about.me/lloydwood
From: Stewart Bryant <stbryant@xxxxxxxxx>
To: lloyd.wood@xxxxxxxxxxx; Christopher Morrow <morrowc.lists@xxxxxxxxx>; Alexey Eromenko <al4321@xxxxxxxxx>
Cc: ietf <ietf@xxxxxxxx>; Jared Mauch <jared@xxxxxxxxxxxxxxx>
Sent: Tuesday, 15 December 2015, 21:55
Subject: Re: Checksum at IP layer - is it even needed ?
Lloyd
If that is a significant risk, then why did IPv6 not move
to a better protection when it was changing the other things
in the nw/xport interface? After all there were much
better c/s - such as Fletcher - that were well known
at the time?
Stewart
On 15/12/2015 00:32, lloyd.wood@xxxxxxxxxxx wrote:
> If the content is not understood by anyone except the intended endpoint
> the occasional misdelivery is surely of no consequence.
There's still a risk of port pollution (IPv4) or destination pollution (IPv6) from misdeliveries without checksums.
not understood != not handled and pushed up the stack.
Lloyd Wood lloyd.wood@xxxxxxxxxxx http://about.me/lloydwood
From: Stewart Bryant <stbryant@xxxxxxxxx>
To: Christopher Morrow <morrowc.lists@xxxxxxxxx>; Alexey Eromenko <al4321@xxxxxxxxx>
Cc: ietf <ietf@xxxxxxxx>; Jared Mauch <jared@xxxxxxxxxxxxxxx>
Sent: Tuesday, 15 December 2015, 10:04
Subject: Re: Checksum at IP layer - is it even needed ?
On 14/12/2015 21:55, Christopher Morrow wrote:
> I suppose: "Why are we trying to solve this in tcp/udp? why not solve
> this at the application layer with TLS?" .
Yes, I was wondering about this.
If the content is not understood by anyone except the intended endpoint
the occasional misdelivery is surely of no consequence.
Stewart