0

In a tunneled packet there may exist two UDP headers. One outer UDP and one inner UDP e.g MAC + outerIP + outerUDP + extraheader + innerIP + innerUDP + payload.

Inner UDP has its own checksum.

Is there an optimized way to calculate outerUDP checksum by manipulating innerUDP checksum value without calculating sum over payload again?

Asam Padeh
  • 135
  • 2
  • 9
  • No. ........... – Swordfish May 13 '19 at 23:30
  • Original outerUDP header checksum may be zero at the beginning. Software can generate sum over extraheader + innerIP + innerUDP (which is less than 64 bytes), but NOT over payload which is processing intensive. – Asam Padeh May 13 '19 at 23:39

1 Answers1

0

UDP checksum calculation is simple:

  • treat data (payload, non-checksum fields in UDP header, some fields from IP header) as 16 bit integers
  • sum them wrapping at 16 bits
  • reverse each bit of the result

It's constructed in a way, that verification on receiving end is done by summing up all mentioned data and checksum and checking if result is equal to 0xffff. So when calculating outer packet checksum you might want to skip summing fields related to inner packet, but add 0xffff directly instead thus saving resources.

This is applicable only in case inner packet offset is divisible by 16 bit, so checksum calculation for outer packet and for inner packet uses the same integers within inner packet.

nnovich-OK
  • 2,900
  • 2
  • 13
  • 16
  • Yes it is simple and been doing that. But is there a new way to exploit that simplicity :-) – Asam Padeh May 21 '19 at 03:49
  • @AsamPadeh not sure if I got it right. I suggested ignoring whole inner packet data during checksum calculation and replacing it with single `0xffff`. Are you saying, that you already do this? – nnovich-OK May 23 '19 at 20:31