Archived

This topic is now archived and is closed to further replies.

eldee

UDP checksum

Recommended Posts

okay, i give up. i''ve spent the past day and a half trying to figure this out, and i still can''t wrap my head around it. how do you create a UDP header checksum? i''ve read soooo many web pages on it, and none of them have spelled it out in plain english for an idiot like myself. can somebody give me an example of how a checksum is created? i''d be forever in your debt -eldee ;another space monkey; [ Forced Evolution Studios ]

::evolve:: Do NOT let Dr. Mario touch your genitals. He is not a real doctor!

Share this post


Link to post
Share on other sites
As far as I know, the UDP protocol guarantees that whatever is received will be intact, which means the underlying network layer takes care of the checksum for you.

If you''re interested in checkums in a more general sense, then ask more specific question(s)...

Share this post


Link to post
Share on other sites
it''s true that the UDP checksum is optional, but the packets i''m sending will be verified by a server, so they require checksums.
as far as specifics go.. i was fairly specific. i just need to know how to create a checksum.

link 1
link 2
link 3
UDP specification

from the UDP specification:
"[the] Checksum is the 16-bit one''s complement of the one''s complement sum of
the source address and destination address fields from the internet
header, the fields above, and the data, padded with zero octets at the
end to make a multiple of two octets."

from my research, i''ve found that the one''s complement is a mathmatical "algorithm" of sorts. but that still doesnt help me with the rest of the "equation".
has anybody actually made a checksum and can help me understand this? it''s like im reading german or greek or something.. nothing is registering and i''ve stared at it for days.


-eldee
;another space monkey;
[ Forced Evolution Studios ]


::evolve::

Do NOT let Dr. Mario touch your genitals. He is not a real doctor!

Share this post


Link to post
Share on other sites
i believe (as foofightr said) that the computer handles that for you. i.e., if the checksum (which is generated by the computer sending the packet) is not valid (which the computer receiving the packet figures out), then the packet is considered lost and you never even hear of it.

Share this post


Link to post
Share on other sites
quote:
Original post by eldee
it's true that the UDP checksum is optional, but the packets i'm sending will be verified by a server, so they require checksums.
as far as specifics go.. i was fairly specific. i just need to know how to create a checksum.

link 1
link 2
link 3
UDP specification

from the UDP specification:
"[the] Checksum is the 16-bit one's complement of the one's complement sum of
the source address and destination address fields from the internet
header, the fields above, and the data, padded with zero octets at the
end to make a multiple of two octets."

from my research, i've found that the one's complement is a mathmatical "algorithm" of sorts. but that still doesnt help me with the rest of the "equation".
has anybody actually made a checksum and can help me understand this? it's like im reading german or greek or something.. nothing is registering and i've stared at it for days.




UDP checksum must be calculated on a psedudo header build with part of the IP header and the UDP header (including the checksum field). You treat this pseudo header as n separate 16-bit integer values. In this first phase you set checksum to 0, so you have:

-source IP (32 bit, 2 short)
-dest IP (32 bit, 2 short)
next protocol (the UDP protocol number, 6 if I recall correctly)(16 bit)
-lenght (16 bit)

-src port(16 bit)
-dest port(16 bit)
-length(16 bit)
-checksum (16 bit) (set this to 0, for now)

take this data as 10 shorts, and add them(don't caring about overflow, that's what one's complement mean). If the result is zero, set th checksum to 0xFFFF, else set if to the value calculated.

Oh, and UDP doesn't guarantee ANYTHING about data you send and receive... that's TCP.





[edited by - Lorenzo on July 4, 2003 4:50:41 PM]

Share this post


Link to post
Share on other sites
quote:
Original post by krez
the checksum (which is generated by the computer sending the packet)


i''m sending *raw* packets. meaning *i* am generating the checksum. which is why i''ve posted this question
i''m not using winsock..

-eldee
;another space monkey;
[ Forced Evolution Studios ]


::evolve::

Do NOT let Dr. Mario touch your genitals. He is not a real doctor!

Share this post


Link to post
Share on other sites
quote:
Original post by Lorenzo
UDP checksum must be calculated on a psedudo header build with part of the IP header and the UDP header (including the checksum field). You treat this pseudo header as n separate 16-bit integer values. In this first phase you set checksum to 0, so you have:

-source IP (32 bit, 2 short)
-dest IP (32 bit, 2 short)
next protocol (the UDP protocol number, 6 if I recall correctly)(16 bit)
-lenght (16 bit)

-src port(16 bit)
-dest port(16 bit)
-length(16 bit)
-checksum (16 bit) (set this to 0, for now)

take this data as 10 shorts, and add them(don''t caring about overflow, that''s what one''s complement mean). If the result is zero, set th checksum to 0xFFFF, else set if to the value calculated.

Oh, and UDP doesn''t guarantee ANYTHING about data you send and receive... that''s TCP.



thanks, this is a big help.. i''ll get started working with it straight away.

so let me give a scenario here..
lets say my UDP header looks like this:

Src IP: 127.0.0.1
Dest IP: 216.185.96.230 (gamedev.net )
Protocol: UDP (which is 0x11 -> 17)
length: 16 (is this the length of the header or the entire packet? also, is it measured in bytes or bits or what?)
Src Port: 137
Dest Port: 137
Checksum: 0 (if i understand correctly, to make the checksum you assume the checksum in the pseudo header is zero?)

my pseudo header in hex would be:
0x7F 0x0 0x0 0x1 0xD8 0xB9 0x60 0xE6 0x11 0x0 0x89 0x0 0x89 0x0

so to calculate my checksum i add them all up literally?
127+0+0+1+216+185+96+230+17+16+137+137+0 = 1162?

so the checksum is 0x48A in this case?

-eldee
;another space monkey;
[ Forced Evolution Studios ]


::evolve::

Do NOT let Dr. Mario touch your genitals. He is not a real doctor!

Share this post


Link to post
Share on other sites
quote:
Original post by Lorenzo
Oh, and UDP doesn''t guarantee ANYTHING about data you send and receive... that''s TCP.



Horseshit. UPD doesn''t guarantee delivery or ordering, but it *does* guarantee that if the reciever gets the packet, it is intact. Although I understand that routers can sometimes screw up the contents of a UDP packet if it''s too big.

Share this post


Link to post
Share on other sites
I appologize in advance for this very long post.

okay guys, i feel like i'm really close to figuring this out after a long talk with washu on #gamedev, but my checksum isn't quite adding up (it's VERY close, but not exact).

i'm using ethereal to look at a udp packet as an example and i've been trying to get my checksum to match the checksum that's in the packet (it's easier to work on a math problem when you already know the answer ).

okay, this is a wolfenstein packet as seen in ethereal:

00 09 5b 4f 64 72 00 07 95 e7 79 2d 08 00 45 00
00 38 5d 02 00 00 80 11 33 d6 c0 a8 00 02 c0 f6
28 3c 6d 38 6d 2e 00 24 29 b5 ff ff ff ff 67 65
74 73 65 72 76 65 72 73 20 38 32 20 66 75 6c 6c
20 65 6d 70 74 79

and here's a more "broken down view" of the packet:

// ------- BEGIN IP HEADER ----------------------------
00 09 5b 4f 64 72 // Destination HW address
00 07 95 e7 79 2d // Src HW address
08 00 // Type (not really sure what this octet's for)
45 // IP version (IPv4)
00 // Differentiated Services Code Point (i have no idea what this octet is for)
00 38 // Total Length (of the packet?)
5d 02 // ID (not really sure what this octet's for)
00 00 // Fragmentation offset
80 // Time To Live (in network hops)
11 // Protocol (UDP)
33 d6 // IP Header Checksum (two's compliment)
// ------- BEGIN UDP HEADER ---------------------------
c0 a8 00 02 // Source IP
c0 f6 28 3c // Destination IP
6d 38 // Source Port
6d 2e // Destination Port
00 24 // Length (of the UDP Packet?)
29 b5 // UDP Checksum (one's compliment)
ff ff ff ff // Marker (part of the packet data, no idea what it's for)
67 65 74 73 65 72 76 65 72 73 // Packet Data
20 38 32 20 66 75 6c 6c 20 65 // Packet Data
6d 70 74 79 // Packet Data


okay, so the checksum i'm after is 0x29b5. using the extremely helpful information washu gave me last night, i've been able to calculate the following by grouping all of the octets into pairs and adding them up:

SrcIP + DestIP + SrcPort + DestPort + UDPLength + Protocol + Data
c0a8 + 0002 + c0f6 + 283c + 6d38 + 6d2e + 0024 + 0000 + // checksum is zero right now
ffff + ffff + 6765 + 7473 + 6572 + 7665 + 7273 + 2038 +
3220 + 6675 + 6c6c + 2065 + 6d70 + 7479 + 0011 // 0011 is the protocol (UDP)

when i add all of these fields, i get D61E, who's one's compliment is 29E1.
so the checksum is 29b5 and i got 29e1.. i'm VERY VERY close
here.. (a difference of 44 or 0x4C) can anybody point out where
i'm slipping up? i'm sooo close!!!!

thanks for reading this long post

-eldee
;another space monkey;
[ Forced Evolution Studios ]


::evolve::

Do NOT let Dr. Mario touch your genitals. He is not a real doctor!


[edited by - eldee on July 5, 2003 11:23:12 AM]

Share this post


Link to post
Share on other sites
quote:
Original post by Jeff K
code here



thanks for the link.. i'll analyze it and see if i can find out what im doing wrong. unfortunately i can't use that code since i'm using vb.net for this project and it's unable to bitshift (damn you vb.net)

anybody else see what i might be doing wrong?

[edit: hrm, i've been reading the code in that link, and oddly enough, they dont even use the source/destination ports for calculating the checksum.. all of the UDP specs i've read have said it's required though?]

-eldee
;another space monkey;
[ Forced Evolution Studios ]


::evolve::

Do NOT let Dr. Mario touch your genitals. He is not a real doctor!


[edited by - eldee on July 5, 2003 11:57:08 AM]

Share this post


Link to post
Share on other sites
You're probably not adding the length. While it's part of the UDP header, it's ALSO in the pseudo-header.

more info


c0a8 + 0002 + c0f6 + 283c + // Source IP, Dest IP
0011 + 0024 + // Protocol, UDP length
6d38 + 6d2e + 0024 + 0000 + // UDP header, empty checksum
ffff + ffff + 6765 + 7473 + // Data
6572 + 7665 + 7273 + 2038 +
3220 + 6675 + 6c6c + 2065 +
6d70 + 7479

= 8d642

8 + d642 = d64a
~d64a = 29b5



[edited by - Jeff K on July 5, 2003 12:09:54 PM]

Share this post


Link to post
Share on other sites
quote:
Original post by eldee
quote:
Original post by Jeff K
You''re probably not adding the length. While it''s part of the UDP header, it''s ALSO in the pseudo-header.

more info


c0a8 + 0002 + c0f6 + 283c + // Source IP, Dest IP
0011 + 0024 + // Protocol, UDP length
6d38 + 6d2e + 0024 + 0000 + // UDP header, empty checksum
ffff + ffff + 6765 + 7473 + // Data
6572 + 7665 + 7273 + 2038 +
3220 + 6675 + 6c6c + 2065 +
6d70 + 7479

= 8d642

8 + d642 = d64a
~d64a = 29b5





jeff k!! you''re my hero!
everything there makes perfect sense except this:
8 + d642 = d64a
where did the 8 come from?

-eldee
;another space monkey;
[ Forced Evolution Studios ]


::evolve::

Do NOT let Dr. Mario touch your genitals. He is not a real doctor!

Share this post


Link to post
Share on other sites
okay, and here''s another question-
that packet example i just showed up there is 70 bytes. there are two different "length" fields that say different things. the one in the IP header says the length is 56, the one in the UDP header says the length is 36. where are they getting these lengths from?

-eldee
;another space monkey;
[ Forced Evolution Studios ]


::evolve::

Do NOT let Dr. Mario touch your genitals. He is not a real doctor!

Share this post


Link to post
Share on other sites
The example packet you posted doesn't seem to fit the specs I have found. It is close, but you show the UDP header and the IP header beginning at the wrong locations.

// apparently you are using IP over someother transport
00 09 5b 4f 64 72 // Destination HW address
00 07 95 e7 79 2d // Src HW address
08 00 // Type (not really sure what this octet's for)
// ------- BEGIN IP HEADER ----------------------------
45 // IP version (IPv4)
00 // Differentiated Services Code Point (i have no idea what this octet is for)
00 38 // Total Length (of the packet?)
5d 02 // ID (not really sure what this octet's for)
00 00 // Fragmentation offset
80 // Time To Live (in network hops)
11 // Protocol (UDP)
33 d6 // IP Header Checksum (two's compliment)
c0 a8 00 02 // Source IP
c0 f6 28 3c // Destination IP
// ------- BEGIN UDP HEADER ---------------------------
6d 38 // Source Port
6d 2e // Destination Port
00 24 // Length (of the UDP Packet?)
29 b5 // UDP Checksum (one's compliment)
ff ff ff ff // Marker (part of the packet data, no idea what it's for)
67 65 74 73 65 72 76 65 72 73 // Packet Data
20 38 32 20 66 75 6c 6c 20 65 // Packet Data
6d 70 74 79 // Packet Data

I hope you aren't planning to do a reflection DOS attack because otherwise, I can't see why you need this info.



[edited by - Mastaba on July 5, 2003 4:00:12 PM]

Share this post


Link to post
Share on other sites
quote:
Original post by Mastaba
The example packet you posted doesn''t seem to fit the specs I have found. It is close, but you show the UDP header and the IP header beginning at the wrong locations.

I hope you aren''t planning to do a reflection DOS attack because otherwise, I can''t see why you need this info.




well, for point 1, that''s the data verbatem from ethereal (packet capture app). and i need to know how to generate the headers because PacketX (the packet capture lib im using in my app), will only send raw packets... i''m not a haxx0r or whatever



-eldee
;another space monkey;
[ Forced Evolution Studios ]


::evolve::

Do NOT let Dr. Mario touch your genitals. He is not a real doctor!

Share this post


Link to post
Share on other sites
Again, the data itself in that packet looks fine, just the way it was commented was wrong. In the IP and UDP RFC''s, they show the headers starting as I have shown them. And the lengths make perfect sense as such.

Share this post


Link to post
Share on other sites