Checksum done on internet layer or transport layer? [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.

---

This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to expl开发者_JS百科ain where the question may be able to be answered.

Closed 2 years ago.

Improve this question

I've done a good amount of research and it's only made me more confused. The question is, are packet checksums verified at the internet layer (IP), the transport layer (TCP/UDP) or both?

---

Both IP and TCP layers have checksums. The IP checksum is only the header checksum, whereas TCP does a checksum of pseudo-header, TCP segment header and the payload.

The checksum is checked by both, IP checks its header checksum and if it passes, TCP does its checksum on receiving packet from IP layer. Both the checksums should pass for data to reach the intended application.

If IP checksum fails, IP should drop the datagram, if TCP checksum fails, it should drop it as well.

---

Great question. Here's another question who's answer might provide some help. Who uses the checksums?

Not every device looks at every header, right? Switches only look up to layer 2/data-link layer, routers only look up to layer 3/network layer and the end hosts evaluate the layer 4/transport layer. As you mentioned, only L3 and L4 headers have checksums, meaning that switches can't evaluate checksums. However, a router can and will discard packets with bad CRCs (it only evaluates the IP header checksum). This saves bandwidth since the packet would be forwarded to the destination only to be dropped. If the packet does end up reaching the end host, it validates L3 checksum and also the L4 header. Thus, we have end-to-end detection of CRC errors and this saves bandwidth.

Note: I'm not sure whether the router dropping the packet due to a bad CRC will generate a notification to the client so it can retransmit immediately, rather than waiting for a timer to expire. This would speed up the retransmission process and it may be a configurable option on the router but I'd imagine if it exists, it'd be a security vulnerability.