ICMPv6 Packet – Calculating Checksum

checksumicmpv6ipv6packet-analysis

I have a packet that has a checksum of 0xffff, and a calculated checksum of 0x0000. I know in UDP, a checksum of 0x0000 is not allowed, and is instead replaced with 0xffff, thus the packet should be validated.

On the other hand, I had a packet with a checksum of 0x0000, and a calculated checksum of 0x0000, in this case, do we still replace it with 0xffff? That would make it invalid packet (incorrect checksum match), but I believe that it is valid (correct checksum match). Are there any rules for such values?

Best Answer

With UDP, the checksum is optional, but it's mandatory for ICMP.

Accordingly, you do not replace a calculated 0x0000 with 0xffff.

For reference, check RFC 4443 2.3:

2.3. Message Checksum Calculation

The checksum is the 16-bit one's complement of the one's complement sum of the entire ICMPv6 message, starting with the ICMPv6 message type field, and prepended with a "pseudo-header" of IPv6 header fields, as specified in [IPv6, Section 8.1]. The Next Header value used in the pseudo-header is 58. (The inclusion of a pseudo-header in the ICMPv6 checksum is a change from IPv4; see [IPv6] for the rationale for this change.)

For computing the checksum, the checksum field is first set to zero.

Related Topic