Re: Inbound processing of ESP packet

[Henry Spencer <henry@spsystems.net>]

On Mon, 15 Jan 2001, Steven M. Bellovin wrote:
> >Normally, packet length is discovered based on link-level framing, either
> >supplemented or confirmed by the byte count in the IP header...
> 
> Nope; the IP header value is the only authoritative one.  There may be 
> link-level padding, such as the minimum frame size on Ethernet.

As I said:  "either supplemented..." (that is, the IP header value is
needed to pin down where the packet ends and the padding starts, when
the frame as received is oversize).

> The link-level length is checked to ensure that enough data was 
> received to accomodate the IP header's value.

"...or confirmed".

When two numbers have to agree, speaking of one as "authoritative" is
questionable usage.  And any real implementation initially allocates space
based on the frame size -- the size of the packet as received is however
many bytes were received, with the IP header consulted only to remove
padding and verify consistency.

                                                          Henry Spencer
                                                       henry@spsystems.net

---

Follow-Ups:

• Re: Inbound processing of ESP packet
• From: Stephen Kent <kent@bbn.com>

References:

• Re: Inbound processing of ESP packet
• From: "Steven M. Bellovin" <smb@research.att.com>

---

• Prev by Date: Re: Inbound processing of ESP packet
• Next by Date: Re: Inbound processing of ESP packet
• Prev by thread: Re: Inbound processing of ESP packet
• Next by thread: Re: Inbound processing of ESP packet
• Index(es):
  • Main
  • Thread