Re: [nsp] can infrastructure introduce error in tcp data stream?

From: Stephen Sprunk (ssprunk@cisco.com)
Date: Sun May 19 2002 - 20:52:22 EDT


Thus spake "Mikael Abrahamsson" <swmike@swm.pp.se>
> I'm seeing occasional errors in files transmitted using TCP (FTP)
> and I am trying to locate the source. Since this has been seen
> with two different machines I am trying to rule out my
> infrastructure (switches/routers) as having any part in this.
>
> It is my understanding that CRC is used at all OSI layers
> (including layer 4 (tcp)).

Most IP-related protocols use either 1's complement or MD5 checksums. CRC
is very rare.

> When doing an IP routing hop, the packet could theoretically
> be altered due to a memory error in a router (it's changed for
> the TTL anyway) and the IP CRC recalculated and therefore
> the IP checksum is "correct" but the data in the packet is not.

This is why routers are supposed to use an incremental checksum on the
changes instead of calculating it again from scratch. If this weren't
done, the IP checksum would be pointless as you note.

> Would this be caught by the TCP checksum (L4) when the
> packet arrives at the end host? I have always presumed that
> this would be the case.

That's the idea. The odds of your packets getting corrupted and
subsequently passing the separate L2, L3, and L4 checksums without detection
are not worth considering.

> I am using Cisco 12000 and 7200 routers, and Extreme
> Networks switches (both for L2 and L3). Could any of these
> meddle with the TCP checksum? They are theoretically
> capable of doing this since they support NAT, but when not
> in NAT mode, would they?

They shouldn't. If you can reproduce the problem, it's almost certainly in
your application or host TCP/IP stack.

S
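
The difference between an incremental checksum update and a from-scratch recomputation at a routing hop, as an added example that is not part of the original message. It applies the RFC 1624 update formula to a constructed IPv4 header; the function names, addresses and the simulated single-bit memory error are assumptions made for illustration.

```python
import struct

def csum16(data: bytes) -> int:
    """RFC 1071 Internet checksum over an even-length buffer."""
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                          # fold with end-around carry
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def header_ok(hdr: bytes) -> bool:
    # A valid header, checksum field included, sums to 0xFFFF, so csum16 is 0.
    return csum16(bytes(hdr)) == 0

def build_header(ttl: int = 64) -> bytearray:
    # Constructed 20-byte IPv4 header (documentation addresses, protocol 6 = TCP).
    hdr = bytearray(struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0x1234, 0, ttl, 6, 0,
                                bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7])))
    struct.pack_into("!H", hdr, 10, csum16(bytes(hdr)))
    return hdr

def forward_incremental(hdr: bytes) -> bytearray:
    """Decrement TTL and patch the checksum: HC' = ~(~HC + ~m + m') (RFC 1624)."""
    out = bytearray(hdr)
    (m,) = struct.unpack_from("!H", out, 8)     # old TTL/protocol word
    out[8] -= 1
    (m_new,) = struct.unpack_from("!H", out, 8) # new TTL/protocol word
    (hc,) = struct.unpack_from("!H", out, 10)   # checksum as received
    total = (~hc & 0xFFFF) + (~m & 0xFFFF) + m_new
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    struct.pack_into("!H", out, 10, ~total & 0xFFFF)
    return out

def forward_recompute(hdr: bytes) -> bytearray:
    """Decrement TTL and recompute the checksum over whatever is in memory."""
    out = bytearray(hdr)
    out[8] -= 1
    struct.pack_into("!H", out, 10, 0)
    struct.pack_into("!H", out, 10, csum16(bytes(out)))
    return out

def corrupt(hdr: bytes) -> bytearray:
    # Simulated single-bit memory error in the destination address while queued.
    out = bytearray(hdr)
    out[16] ^= 0x04
    return out

if __name__ == "__main__":
    bad = corrupt(build_header())
    print("valid after incremental update:", header_ok(forward_incremental(bad)))
    print("valid after full recomputation:", header_ok(forward_recompute(bad)))
```

The IP header checksum covers only the header, so corruption of the TCP payload is left to the TCP checksum at the end host.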


