While Steve is right about Ethernet checks providing only localized
protection, transport layer (e.g. TCP) checks are not a panacea, since they
are *NOT* "end-to-end" in the sense of Saltzer, Reed & Clark's end-to-end
arguments.
SRC & Stone and Partridge both state that the *APPLICATION* must perform the
error check for full end-to-end protection. This is because transport layer
error checks don't protect the information in the endsystem, e.g. as it
moves between the transport layer and the application. Often the
application trusts that transfers in the local system will be error-free,
and so transport layer checks are adequate. Sometimes the application
doesn't have this trust, and needs its own checks, and the transport layer
checks become redundant. For more details, see section II.C of
http://uluru.poly.edu/~tmoors/index.html#e2e .
Some relevant quotes from Stone and Partridge, and Saltzer, Reed & Clark
(caps added):
"the APPLICATION must add the checksum before handing its data to TCP" [S&P,
Section 5.4]
"the file transfer APPLICATION residing in host B reads the transferred file
copy back from its disk storage system into its own memory, recalculates the
checksum, and" [SRC, in the "End-to-end caretaking" section]
Tim Moors
___________________________________
Web: http://uluru.poly.edu/~tmoors/
From: Steven M. Bellovin [mailto:smb(_at_)research(_dot_)att(_dot_)com]
Sent: Saturday, September 01, 2001 9:50 AM
Subject: Re: TCP/IP check sum
The short answer is two-fold: first, that the TCP checksum is
end-to-end, while the Ethernet checksum is only hop-by-hop, and second,
that the TCP checksum detects different classes of errors, in
particular those that occur on routers.
But all this is explained much more clearly in Stone and Partridge's
SIGCOMM paper. Have a look at http://citeseer.nj.nec.com/stone00when.html
for the abstract and pointers to the fuill text.
--Steve Bellovin, http://www.research.att.com/~smb