IPv6 and UDP Checksums for Tunneled Packets

Approval announcement
Draft of message to be sent after approval:

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: RFC Editor <rfc-editor@rfc-editor.org>,
    6man mailing list <ipv6@ietf.org>,
    6man chair <6man-chairs@tools.ietf.org>
Subject: Protocol Action: 'IPv6 and UDP Checksums for Tunneled Packets' to Proposed Standard (draft-ietf-6man-udpchecksums-08.txt)

The IESG has approved the following document:
- 'IPv6 and UDP Checksums for Tunneled Packets'
  (draft-ietf-6man-udpchecksums-08.txt) as Proposed Standard

This document is the product of the IPv6 Maintenance Working Group.

The IESG contact persons are Brian Haberman and Ralph Droms.

A URL of this Internet Draft is:

Technical Summary:

This document provides an update of the Internet Protocol version 6
(IPv6) specification (RFC2460) to improve the performance of IPv6 in
the use case when a tunnel protocol uses UDP with IPv6 to tunnel
packets. The performance improvement is obtained by relaxing the
IPv6 UDP checksum requirement for suitable tunneling protocol where
header information is protected on the "inner" packet being carried.
This relaxation removes the overhead associated with the computation
of UDP checksums on IPv6 packets used to carry tunnel protocols and
thereby improves the efficiency of the traversal of firewalls and
other network middleboxes by such protocols. We describe how the
IPv6 UDP checksum requirement can be relaxed in the situation where
the encapsulated packet itself contains a checksum, the limitations
and risks of this approach, and defines restrictions on the use of
this relaxation to mitigate these risks.

Working Group Summary:

Discussions back in 2009 in LISP, 6MAN and MBONED highlighted the
issues regarding the generation of UDP checksums in certain situations.
Various ideas for how to restrict or negotiate the use of the
zero checksum. There was pushback on allowing a zero UDP checksum
in any packet, but there was clear consensus if the zero UDP checksum
was restricted to specific applications only (tunnels).

Document Quality:

There are multiple LISP implementations already using UDP zero checksum.


Ole Troan is the Document Shepherd.
Brian Haberman is the Responsible Area Director.