Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!sdd.hp.com!zaphod.mps.ohio-state.edu!think.com!barmar
From: barmar@think.com (Barry Margolin)
Newsgroups: comp.protocols.tcp-ip
Subject: Re: UDP Checksumming of IP addresses
Message-ID: <1990Nov7.215801.10016@Think.COM>
Date: 7 Nov 90 21:58:01 GMT
References: <9011070014.AA08334@ucbvax.Berkeley.EDU>
Sender: news@Think.COM
Organization: Thinking Machines Corporation, Cambridge MA, USA
Lines: 29

In article <9011070014.AA08334@ucbvax.Berkeley.EDU> jcurran@SH.CS.NET (John Curran) writes:
>I'm sure I've overlooked something, and could use a push..
> 
>Why does UDP (when used with checksumming enabled) create a pseudo-header 
>that contains both the port numbers and the source and destination IP 
>addresses?  

The pseudo-header doesn't have port numbers in it.  It contains the
addresses, the protocol number (17 when used with IP as the network layer),
and the length.

>	     Isn't it already protected from address changes by the datagram
>checksum?

From RFC 768: "This information gives protection against misrouted
datagrams."  In other words, it's there to detect failure of the IP layer.
For instance, if the receiving host is single-homed and the datagram isn't
a broadcast, the destination IP address in the pseudo-header could be the
address of the interface rather than the address in the IP header, and
which will catch attempts by a broken IP layer to pass up packets intended
for another host (an IP layer might not check the destination address of
packets coming in through a point-to-point link, or it might not be
prepared for an interface being in promiscuous mode).

--
Barry Margolin, Thinking Machines Corp.

barmar@think.com
{uunet,harvard}!think!barmar