RE: Checksum in IPv6 header
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Checksum in IPv6 header

Title: Message
But there's no reason to believe that the L2 is the same as you enter the tunnel. You're going through a router, often to a different link layer. The L2 overhead is stripped off and replaced.
 
Bert
 

From: Alex Conta [mailto:aconta at optonline.net]
Sent: Friday, February 01, 2008 8:09 AM
To: Manfredi, Albert E
Cc: ipv6 at ietf.org
Subject: RE: Checksum in IPv6 header

I am not seeing the problem.
 
The "non-secure IPv6 link" you're mentioning is a "virtual link", over a "real" physical link. The "real" physical link, the "real" L2, provides the error detection, which uncovers packet errors in the IPv6 tunnel packets, like on any other IPv6 packet.
 
-----Original Message-----
From: Manfredi, Albert E [mailto:albert.e.manfredi at boeing.com]
Sent: Thursday, January 31, 2008 3:09 PM
To: Alex Conta
Cc: ipv6 at ietf.org
Subject: RE: Checksum in IPv6 header
 [....] 
From: Alex Conta [mailto:aconta at optonline.net]
Sent: Thursday, January 31, 2008 12:50 PM
To: 'Rahim Choudhary'; Templin, Fred L; 'Fred Baker'
Cc: ipv6 at ietf.org
Subject: RE: Checksum in IPv6 header
The reason is IPsec tunnels, where encrypted packets are tunneled through a non-secure IPv6 link. In such cases, you can't count on L2 checksums when going across the tunnel boundaries. Or did I miss part of that recent thread?
 
Bert
 
--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6 at ietf.org
Administrative Requests: http://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.