On Tue, 2007-07-31 at 13:37 -0400, James Carlson wrote:
> Garrett D'Amore writes:
> > I can imagine that the only way for hardware to get this "right" is to
> > examine the IP protocol field. Since that is not part of the data that
> > is covered by the checksum, it implies that there is some classification
> > done in either software or hardware, to pick which interpretation for
> > the zero result to use.
> >
> > It shocks me that IETF would have been so cavalier about this seemingly
> > minor difference.
>
> I don't think it was cavalier; it was deliberate. There were
> performance-oriented people who once thought that disabling UDP
> transport layer checksum was a good idea (in particular for NFS),
> because "of course" the Ethernet CRC is good enough for the wire and
> there are never any other possible problems in real systems, such as
> (say) broken switches that corrupt the gate. That viewpoint (minor
> and temporary performance hack to the detriment of correctness) held
> out in UDP and, because protocols live long, we're stuck with it.
It seems to me that they could have figured a better way to provide this
information than by overloading the meaning of the checksum field
though... perhaps a boolean bit value somewhere in the IP flags? I
dunno, I wasn't part of the discussion.
>
> Similarly, I don't think it's a great idea to push the end-to-end
> checksum generation or verification down into hardware that's further
> away from the endpoint, nor is it in the long term good to add more
> complexity to the system, but that's exactly what the feature we're
> talking about does.
Nobody who cares about data integrity puts too much stock in UDP or TCP
checksum, or least they shouldn't. The checksum is incredibly fragile.
For example, swapping two bytes is a trivial way to corrupt a packet
without changing its checksum. Adding more zeros is another way.
>
> I think it's a fair bet to say we'll be back here again.
>
Maybe. The protocols are, as you say, long lived. Moving as much of
this kind of trivial work into hardware is usually a good thing. More
modern NICs are offloading more and more features, and L3/L4 checksum is
just one of them.
-- Garrett
_______________________________________________
networking-discuss mailing list
[email protected]
