Re: Inbound processing of ESP packet
>On Mon, 15 Jan 2001, Steven M. Bellovin wrote:
> > >Normally, packet length is discovered based on link-level framing, either
> > >supplemented or confirmed by the byte count in the IP header...
> >
> > Nope; the IP header value is the only authoritative one. There may be
> > link-level padding, such as the minimum frame size on Ethernet.
>
>As I said: "either supplemented..." (that is, the IP header value is
>needed to pin down where the packet ends and the padding starts, when
>the frame as received is oversize).
>
> > The link-level length is checked to ensure that enough data was
> > received to accommodate the IP header's value.
>
>"...or confirmed".
>
>When two numbers have to agree, speaking of one as "authoritative" is
>questionable usage. And any real implementation initially allocates space
>based on the frame size -- the size of the packet as received is however
>many bytes were received, with the IP header consulted only to remove
>padding and verify consistency.
Steve Bellovin is right, Henry. A LAN interface may include padding
after the end of the IP packet when the packet is delivered from
layer 2 to layer 3 (or from lower layer 3 to IP). The IP total length
field is what defines the end of the IP packet, not a byte count from
a lower layer protocol.
Steve
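
The length rule discussed in this thread, as an added example that is not part of the original messages: the IP Total Length field fixes where the packet ends, and the count of bytes received from layer 2 is used only to confirm that enough data arrived. The function name, error codes and sample bytes are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Error codes; names are hypothetical, chosen for this example. */
enum { IP_SHORT_HDR = -1, IP_BAD_HDR = -2, IP_TRUNCATED = -3 };

/*
 * buf/rcvd: the bytes layer 2 handed up, possibly with link padding.
 * Returns the IPv4 packet length taken from the Total Length field,
 * or a negative error code. Bytes from the returned offset up to rcvd
 * are link-level padding and must not be treated as packet data.
 */
long ipv4_packet_end(const uint8_t *buf, size_t rcvd)
{
    if (rcvd < 20)                      /* not even a minimal header */
        return IP_SHORT_HDR;
    if ((buf[0] >> 4) != 4)             /* version must be 4 */
        return IP_BAD_HDR;
    size_t hdr_len = (size_t)(buf[0] & 0x0f) * 4;
    size_t total = ((size_t)buf[2] << 8) | buf[3];
    if (hdr_len < 20 || total < hdr_len)
        return IP_BAD_HDR;
    if (total > rcvd)                   /* link delivered too few bytes */
        return IP_TRUNCATED;
    return (long)total;
}

/* Constructed sample: 28-byte IPv4/UDP packet zero-padded to the 46-byte
 * Ethernet minimum payload. Header checksum left as zero; not checked here. */
static const uint8_t sample_padded[46] = {
    0x45, 0x00, 0x00, 0x1c, 0x00, 0x01, 0x00, 0x00,
    0x40, 0x11, 0x00, 0x00, 0xc0, 0x00, 0x02, 0x01,
    0xc0, 0x00, 0x02, 0x02, 0x04, 0x00, 0x04, 0x00,
    0x00, 0x08, 0x00, 0x00
};

/* Constructed sample: Total Length (16) smaller than the header length (20). */
static const uint8_t sample_bad_total[20] = { 0x45, 0x00, 0x00, 0x10 };

int main(void)
{
    long end = ipv4_packet_end(sample_padded, sizeof sample_padded);
    printf("packet ends at %ld, padding %ld bytes\n",
           end, (long)sizeof sample_padded - end);
    return 0;
}
```

Anything that locates data relative to the end of the packet has to use the returned offset, not the received byte count, or it will read link padding as packet content.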