views:

1252

answers:

4

I just wanted to know why Pseudo header is preceded to UDP. Why Pseudo header is used. whats the logic behind it.

+1  A: 

What do you mean by "pseudo header"? UDP has an 8-byte header, which provides necessary features in its four fields:

  • Source and destination port numbers, to allow multiple applications on a single host to use UDP
  • Packet size
  • Checksum, to (optionally) give the UDP data some basic protection against corruption in the net
unwind
The "pseudo header" is a header constructed from elements of the IP header and the transport layer header (TCP/UDP). The pseudo header's checksum is what is put in the checksum field of TCP/UDP.
jdizzle
+1  A: 

From the TCP or UDP point of view, the packet does not contains IP addresses. (IP being the layer beneath them.)

Thus, to do a proper checksum, a "pseudo header", that is, one that's not there, but that is taken into account in the important parts of the IP header, that is, source and destination address, protocol number, and data length. It it to ensure that the checksum takes into account those fields.

mat
mahesh
+1  A: 

When these protocols were being designed, a serious concern of theirs was a host receiving a packet thinking it was theirs when it was not. If a few bits were flipped in the IP header during transit and a packet changed course (but the IP checksum was still correct), the TCP/UDP stack of the redirected receiver can still know to reject the packet.

Though the pseudo-header broke the separation of layers idiom, it was deemed acceptable for the increased reliability.

jdizzle
Thank you so much for the answer after long time question posting. I am glad after long time after question posting you answered the question instead of just reading and skipping to next question. SO guys really rocks.
mahesh
A: 

The nearest you will get to an answer "straight from the horse's mouth", is from David P. Reed at the following link.

http://www.postel.org/pipermail/end2end-interest/2005-February/004616.html

The short version of the answer is, "the pseudo header exists for historical reasons".

Originally, TCP/IP was a single monolithic protocol (called just TCP). When they decided to split it up into TCP and IP (and others), they didn't separate the two all that cleanly: the IP addresses were still thought of as part of TCP, but they were just "inherited" from the IP layer rather than repeated in the TCP header. The reason why the TCP checksum operates over parts of the IP header (including the IP addresses) is because they intended to use cryptography to encrypt and authenticate the TCP payload, and they wanted the IP addresses and other TCP parameters in the pseudo header to be protected by the authentication code. That would make it infeasible for a man in the middle to tamper with the IP source and destination addresses: intermediate routers wouldn't notice the tampering, but the TCP end-point would when it attempted to verify the signature.

For various reasons, none of that grand cryptographic plan came to pass, but the TCP checksum which took its place still operates over the pseudo header as though it were a useful thing to do. Yes, it gives you a teensy bit of extra protection against random errors, but that's not why it exists. Frankly, we'd be better off without it: the coupling between TCP and IP means that you have to redefine TCP when you change IP. Thus, the definition of IPv6 includes a new definition for the TCP and UDP pseudo header (see RFC 2460, s8.1). Why the IPv6 designers chose to perpetuate this coupling rather than take the chance to abolish it is beyond me.