Please Whitelist This Site?
I know everyone hates ads. But please understand that I am providing premium content for free that takes hundreds of hours of time to research and write. I don't want to go to a pay-only model like some sites, but when more and more people block ads, I end up working for free. And I have a family to support, just like you. :)
If you like The TCP/IP Guide, please consider the download version. It's priced very economically and you can read all of it in a convenient format without ads.
If you want to use this site for free, I'd be grateful if you could add the site to the whitelist for Adblock. To do so, just open the Adblock menu and select "Disable on tcpipguide.com". Or go to the Tools menu and select "Adblock Plus Preferences...". Then click "Add Filter..." at the bottom, and add this string: "@@||tcpipguide.com^$document". Then just click OK.
Thanks for your understanding!
Sincerely, Charles Kozierok
Author and Publisher, The TCP/IP Guide
NOTE: Using software to mass-download the site degrades the server and is prohibited.
If you want to read The TCP/IP Guide offline, please consider licensing it. Thank you.
TCP Checksum Calculation and the TCP "Pseudo Header"
(Page 3 of 3)
Advantages of the Pseudo Header Method
So, why bother with this pseudo
header? The source and destination devices both compute the checksum
using the fields in this pseudo header. This means that if, for any
reason, the two devices don't use the same values for the pseudo header,
the checksum will fail. Now, when we consider what's in the header,
we find that this means the checksum now protects against not just errors
in the TCP segment fields but also against:
- Incorrect Segment Delivery: If there is
a mismatch in the Destination Address between what the source
specified and what the destination that got the segment used, the checksum
will fail. The same will happen if the Source Address does not
- Incorrect Protocol: If a datagram is routed
to TCP that actually belongs to a different protocol for whatever reason,
this can be immediately detected.
- Incorrect Segment Length: If part of the
TCP segment has been omitted by accident, the lengths the source and
destination used won't match and the checksum will fail.
What's clever about the pseudo header
is that by using it for the checksum calculation, we can provide this
protection without actually needing to send the fields in the pseudo
header itself. This eliminates duplicating the IP fields used in the
pseudo header within the TCP header, which would be redundant and wasteful
of bandwidth. The drawback of the pseudo header method is that it makes
checksum calculation take more time and effort (though this is not much
of an issue today.)
In the context of today's modern,
high-speed, highly-reliable networks, the use of the pseudo header sometimes
seems archaic. How likely is it that a datagram will be
delivered to the wrong address? Not very. At the time TCP was created,
however, there was significant concern that there might not be proper
end-to-end checking of the delivery of datagrams at the
IP level. Including IP information in the TCP checksum was seen as a
useful additional level of protection.
Of course, there is one interesting
implication of the TCP pseudo header: it violates the architectural
layering principles that the designers of TCP sought to respect in splitting
TCP and IP up. For the checksum, TCP must know IP information that technically
it shouldn't. TCP checksum calculation requires, for example,
that the protocol number from the IP header be given to the TCP layer
on the receiving device from the IP datagram that carried the segment.
The TCP pseudo header is a good example of a case where strict layering
was eschewed in favor of practicality.
Finally, TCP also supports an optional
method of having two devices agree on an alternative checksum algorithm.
This must be negotiated during connection establishment.
Key Concept: TCP checksums are computed over not just the TCP segment but also over a TCP pseudo header that contains the length of the TCP segment as well as the IP Source Address, Destination Address and Protocol fields. Since these fields are part of the checksum, if the segment is received by the wrong device, or has the incorrect Protocol field or segment length, it will be rejected. The technique is clever because the checksum can provide this protection even though the pseudo header itself is not actually transmitted.
|If you find The TCP/IP Guide useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider purchasing a download license of The TCP/IP Guide. Thanks for your support!|
Table Of Contents - Contact Us
The TCP/IP Guide (http://www.TCPIPGuide.com)
Version 3.0 - Version Date: September 20, 2005
© Copyright 2001-2005 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.