> From: <l(_dot_)wood(_at_)surrey(_dot_)ac(_dot_)uk>
> any IP/UDP header corruption goes undetected at the endhost because the
> pseudoheader checksum has been disabled. .. the header corruption takes
> the packet to some other destination/port, so you don't see it; it's
> just a drop as far as you are concerned. But it matters for whatever
> actually receives that corrupted packet on e.g. an altered port value.
> ...
> odd behaviour on other applications at the same endpoints (or, with
> IPv6, in the same network) caused by missent packets with corrupt ed
> UDP packets? Hey, not your problem. Hey, you're working just fine.
> It's pollution and tragedy of the commons, basically.
> When you send with a zero UDP checksum, it's possible for the packet to
> be received and processed anywhere.
Outlawing use of non-checksummed UDP for tunnels isn't going to _guarantee_
that such packets never show up at a host: malicious or buggy software could
also generate them - as could whatever is hypothetically damaging
non-checksummed UDP tunnel packets.
So hosts have to be able to deal with such packets anyway.
The only question left, then, is 'is this happening often enough to present a
significant processing load to the innocent bystanders' (which I agree would
be problematic). But here I echo Stewart Bryant: what data is there that this
is actually happening often enough to be a problem?
And along those lines, I'm looking at the 'incoming traffic' light on my cable
modem, and it's blinking constantly - port scanners and such, I assume. A few
stray tunnel packets would be lost in that flood.
Noel