The Internet checksum is an important error detection scheme used in UDP. The point of the checksum is to detect errors in transmitted data. If an error, then most UDP implementations drop the packet. The sender will compute the checksum and send it with the packet. The receiver will re-compute the checksum with the packet data and compare with the checksum it received.
Procedure is:
- Add all 16-bit words in the segment. The operands are a pseudo header (consists of source/destination IP, zero paddings, protocol (always 17 for UDP), and UDP length of the packet), the header itself, and the contents of the packet.
- If overflow, we wrap it around. Then compute the addition again until there’s no overflow.
- One’s complement addition: binary addition where overflow is added to the result again.
- When sending, the checksum field is set to 0.
- When receiving, the checksum field is left as is. If we find that the result is 0, then our packet is likely uncorrupted.
- Invert (NOT) each bit. This is the checksum.
- At the receiver side, we add every 16-bit word. If the result is all 1s, then we have no errors.
We use checksum because there’s no guarantee of error detection in more bare metal layers. In addition, the protections provided by checksums are generally weak (valid checksum can still result from a faulty packet).
The checksum is also optional in UDP for IPv4. If not used, it should be set to 0. For IPv6, it is mandatory to include.