Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
5840
Views
2
Helpful
4
Replies

Layer 3 IP checksum vs Layer 2 frame checksum

Catalin Sandu
Level 1
Level 1

‎08-09-2011 02:58 AM - edited ‎03-07-2019 01:36 AM

Layer 3 IP checksum - recalculated to include changes to IP header

Layer 2 frame checksum - recalculated to include changes to the Layer 2 and Layer 3 headers

Can someone explain the diffrence between this 2 processes ? When Layer 3 recalculation checksum and Layer 2 frame checksum heppen? What devices L2, L3 are involved ?

Thank you!

Labels:
0 Helpful
4 Replies 4

Peter Paluch
Cisco Employee
Cisco Employee

‎08-09-2011 05:06 AM

Hi Sandu,

On each layer, the checksum is computed or recomputed whenever a datagram is created or modified. When such a datagram is received, the checksum is verified.

When sending an IP packet, you compute the IP header checksum, insert the packet into a frame, compute the frame checksum, and send the packet along the way.

If the frame passes through Layer2 switches only, the frame checksum is verified to make sure the frame and its contents have not been damaged or altered. However, because the frame is not modified during switching, the checksum is not computed anew because it would simply yield the same value. The IP header checksum in this case is neither computed nor verified because a Layer2 switch is interested only in processing the frame itself, not its contents. It does not even look for an IP packet in the frame payload.

When this frame arrives at a router, the router's network card will again verify the frame checksum and pass the frame contents to the higher level. Here, the IP driver will kick in, handle the received packet, verify the IP header checksum, and if it is correct, the router starts routing it. After going through the routing table, it determines the next hop for this IP packet. Then, the router decrements the TTL in the IP header, and because this caused the header to be modified, the IP header checksum needs to be computed anew. The router therefore computes the new IP header checksum, inserts it into the packet header, then encapsulates the packet in a new frame, computes the new frame's checksum and sends the frame again towards the recipient.

This process repeats itself until the packet is delivered to the final destination. Remember: the checksum is verified whenever a datagram is being processed, and is recomputed when the datagram is created from scratch or deliberately modified during transit. Frames are processed by L2 and higher devices: NICs, bridges, switches, routers, firewalls, end hosts etc. IP packets are processed by L3 and higher devices: end hosts, routers, firewalls, ...

Please feel welcome to ask further.

Best regards,

Peter

abdalrhmanalathwari1445
Level 1
Level 1
In response to Peter Paluch

‎10-26-2019 11:51 PM

great explanation 

AL-ATHWARI
0 Helpful

Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to abdalrhmanalathwari1445

‎10-27-2019 02:37 PM

Peter's explanations generally are. I would add a note though to his statement "When this frame arrives at a router, the router's network card will again verify the frame checksum and pass the frame contents to the higher level." This assumes the frame checksum is okay, if not the frame would be discarded and, of course, the IP packet not checked. In theory, the IP checksum could pass, while the frame checksum does not, but if the frame is "bad" you couldn't confirm the frame was meant for you or what host sent it, etc.
0 Helpful

peter.reynolds
Level 1
Level 1
In response to Peter Paluch

‎08-29-2023 05:38 AM

Still Helpful

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card