IPv6 and UDP Checksums for Tunneled Packets
Draft of message to be sent after approval:
From: The IESG <firstname.lastname@example.org> To: IETF-Announce <email@example.com> Cc: RFC Editor <firstname.lastname@example.org>, 6man mailing list <email@example.com>, 6man chair <firstname.lastname@example.org> Subject: Protocol Action: 'IPv6 and UDP Checksums for Tunneled Packets' to Proposed Standard (draft-ietf-6man-udpchecksums-08.txt) The IESG has approved the following document: - 'IPv6 and UDP Checksums for Tunneled Packets' (draft-ietf-6man-udpchecksums-08.txt) as Proposed Standard This document is the product of the IPv6 Maintenance Working Group. The IESG contact persons are Brian Haberman and Ralph Droms. A URL of this Internet Draft is: http://datatracker.ietf.org/doc/draft-ietf-6man-udpchecksums/
Technical Summary: This document provides an update of the Internet Protocol version 6 (IPv6) specification (RFC2460) to improve the performance of IPv6 in the use case when a tunnel protocol uses UDP with IPv6 to tunnel packets. The performance improvement is obtained by relaxing the IPv6 UDP checksum requirement for suitable tunneling protocol where header information is protected on the "inner" packet being carried. This relaxation removes the overhead associated with the computation of UDP checksums on IPv6 packets used to carry tunnel protocols and thereby improves the efficiency of the traversal of firewalls and other network middleboxes by such protocols. We describe how the IPv6 UDP checksum requirement can be relaxed in the situation where the encapsulated packet itself contains a checksum, the limitations and risks of this approach, and defines restrictions on the use of this relaxation to mitigate these risks. Working Group Summary: Discussions back in 2009 in LISP, 6MAN and MBONED highlighted the issues regarding the generation of UDP checksums in certain situations. Various ideas for how to restrict or negotiate the use of the zero checksum. There was pushback on allowing a zero UDP checksum in any packet, but there was clear consensus if the zero UDP checksum was restricted to specific applications only (tunnels). Document Quality: There are multiple LISP implementations already using UDP zero checksum. Personnel: Ole Troan is the Document Shepherd. Brian Haberman is the Responsible Area Director.