When the CRC and TCP checksum disagree

  title={When the CRC and TCP checksum disagree},
  author={Jonathan Stone and Craig Partridge},
Traces of Internet packets from the past two years show that between 1 packet in 1,100 and 1 packet in 32,000 fails the TCP checksum, even on links where link-level CRCs should catch all but 1 in 4 billion errors. For certain situations, the rate of checksum failures can be even higher: in one hour-long test we observed a checksum failure of 1 packet in 400. We investigate why so many errors are observed, when link-level CRCs should catch nearly all of them. We have collected nearly 500,000… 

Figures and Tables from this paper

Potential Error Control Redundancy in iSCSI over IP
This overview addresses potential error control redundancy that may be inherent in running iSCS wide area IP networks and the analysis of CRC behaviour during its tra towards its asymptotic behavior applies equally well to all systems were CRCs are deployed.
Techniques for the Detection of Faulty Packet Header Modifications
This work selects a solution for implementation into the Linux TCP stack and uses it to examine real-world Internet paths to discover various instances of in-path modifications and extract lessons learned from them to help drive future design efforts.
Checksum Coverage and Delivery of Errored Content
—We examine how the overall reliability of network protocol stacks is affected by the use of error-detecting checksums and Cyclic Redundancy Checks at each protocol layer. How these checksums cover
Measuring packet reordering
This paper describes a new set of active measurement techniques that can reliably estimate one-way end-to-end reordering rates to and from arbitrary TCP-based servers and shows how they can be used to measure the time-domain distribution of the reordering process along a given path.
Path-quality monitoring in the presence of adversaries
This paper designs and analyzes path-quality monitoring protocols that reliably raise an alarm when the packet-loss rate and delay exceed a threshold, even when an adversary tries to bias monitoring results by selectively delaying, dropping, modifying, injecting, or preferentially treating packets.
Statistical analysis of malformed packets and their origins in the modern internet
The goal is to determine the reason that these packets appear on the network and evaluate what proportion of such packets could cause actual damage and examine and divide the unusual packets obtained during experiments into several categories based on their type and possible cause.
Cyclic Redundancy Checks and Error Detection
The need to improve the capabilities of error-detecting codes to handle higher quantities of data is explored by testing the error detection properties of CRC’s in a restricted domain.
Path-Quality Monitoring in the Presence of Adversaries: The Secure Sketch Protocols
A lightweight path-quality monitoring protocol that reliably raises an alarm when the packet-loss rate exceed a threshold, even when an adversary tries to bias monitoring results by selectively delaying, dropping, modifying, injecting, or preferentially treating packets is designed and analyzed.
The Effectiveness of Checksums for Embedded Control Networks
A study of error detection capabilities for random independent bit errors and burst errors reveals that XOR, two's complement addition, and Adler checksums are suboptimal for typical network use.
A first look at modern enterprise traffic
A broad overview of internal enterprise traffic recorded at a medium-sized site is presented to provide a first sense of ways in which modern enterprise traffic is similar to wide-area Internet traffic, and ways inWhich it is quite different.


TCP checksum function design
The focus in this paper is on checksum functions for protocols such as TCP where the required reliable delivery is achieved by retransmission.
End-to-end Internet packet dynamics
The prevalence of unusual network events such as out-of-order delivery and packet corruption are characterized and a robust receiver-based algorithm for estimating "bottleneck bandwidth" is discussed that addresses deficiencies discovered in techniques based on "packet pair".
Computing the internet checksum
This memo discusses methods for efficiently computing the Internet checksum that is used by the standard Internet protocols IP, UDP, and TCP.An efficient checksum implementation is critical to good
The BSD Packet Filter: A New Architecture for User-level Packet Capture
The BSD Packet Filter (BPF) uses a new, register-based filter evaluator that is up to 20 times faster than the original design, and uses a straighforward buffering strategy that makes its overall performance up to 100 times better than Sun's NIT running on the same hardware.
Compressing TCP/IP Headers for Low-Speed Serial Links
This RFC describes a method for compressing the headers of TCP/IP datagrams to improve performance over low speed serial links. The motivation, implementation and performance of the method are
SEAL detects cell misordering
It is shown that 32 bit CRC used in SEAL provides robust detection of cell misordering, for any frame size up to 4 Gb, the probability of undetected misordering is 2/sup -32/.
IP Router Alert Option
A new IP Option type that alerts transit routers to more closely examine the contents of an IP packet is described, useful for new protocols that are addressed to a destination but require relatively complex processing in routers along the path.
Theory and practice of error control codes
  • J. Massey
  • Computer Science
    Proceedings of the IEEE
  • 1986
This chapter discusses algorithmics and modular computations, Theory of Codes and Cryptography (3), and the theory and practice of error control codes (3).
Computation of the Internet Checksum via Incremental Update
This memo describes an updated technique for incremental computation of the standard Internet checksum. It updates the method described in RFC 1141.
IPv6 Router Alert Option
This memo describes a new IPv6 Hop-by-Hop Option type that alerts transit routers to more closely examine the contents of an IP datagram. This option is useful for situations where a datagram