Subject: Re: ip_flow.c
To: Charles M. Hannum <firstname.lastname@example.org>
From: Guenther Grau <Guenther.Grau@bk.bosch.de>
Date: 01/27/1999 08:22:31
"Charles M. Hannum" wrote:
> So I'm looking at ipflow_fastforward(), and I think it does more work
> than it needs to. To wit:
> 2) There's no need to check the header checksum. In the rare case
> where it's incorrect, either: a) we will fail to find a flow and go
> through the slow path anyway, or b) it will be dropped by the
> destination host. I believe many hardware routers don't do this
> 3) There's no need to check the IP packet length. Again, in the rare
> case where it's incorrect, it will be rejected on the destination
> host. Furthermore, truncating the packet may actually reduce
> efficiency (e.g. by forcing us to repad a packet to send it out an
> Ethernet interface).
What do the IP-standards say about this. Are theses things a "must"
or a "should"? Would there be a way to optionally en/disable this
behaviour (compiletime/runtime via sysctl)?