Re: FCS computation

satish_b1 · ‎06-06-2007

Dear Readers,

Pls help me with this one:

The FCS filed in the Ethernet frame is used to detect corrupted frames. Now this FCS is a number which is arrived at after running a cyclic redundancy check(ie CRC). I would like to know whether the CRC is applied to all the fields (including data?) of the frame? Thanks!

Amit Singh · ‎06-06-2007

CRC is applied to payload only not the hearder and trailer of the ethernet frames.It takes the sum of all the 1s in the payload and adds them together.The result is stored as a hexadecimal value in the trailer. The receiving device adds up the 1s in the payload and compares the result to the value stored in the trailer. If the values match, the packet is good. But if the values do not match, the receiving device sends a request to the originating device to resend the packet.

HTH,Please rate if it does.

-amit singh

satish_b1 · ‎06-07-2007

Hello Amit,

Thanks very much for your reply.

I am still not very convinced though. Lets say the payload contained 00001111 originally. Suppose someone tampered this data to change the bits to 11110000 -now even in this case, the above mentioned check will result in passing the frame as good, which is not true! Similarly, as you say if header information is excluded then wont it be easy for someone to masquerade the sender mac/ip addresses --thereby compromising the intregity and the FCS not detecting it.

Pls share your thoughts on this.

Regards,

Satish

ycae · ‎06-07-2007

Hi,

Well the ip address is part of the SDU (payload) at layer2 where the FCS is calculated. Furthermore the FCS is used to check the integrity of the frame not the authenticity of a frame.

If you receive a frame, you are interessted in what is in the payload and you want to be sure that the data arrived correctly. You will take the payload, calculate your CRC and compare it with the result in the FCS frame. If both are identical you know that there was no error during transmission.

As far as i know FCS is not used to prevent spoofing or any security related process.

Yves

satish_b1 · ‎06-07-2007

Hello Yves,

Thanks for your reply -it was certainly helpful. Do you have any idea how security could be enforced at the lower layer protocols?

Rgds

Satish

ycae · ‎06-07-2007

Hi satish,

I think that this document could be very useful for you

http://www.cisco.com/application/pdf/en/us/guest/netsol/ns376/c649/cdccont_0900aecd800ebd1e.pdf

regards,

Yves

satish_b1 · ‎06-08-2007

Hello Yves,

Thank you very much for your help.

rgds

Satish

blatkinson · ‎06-08-2007

I think the CRC is computed for the whole frame. Take a look at what 802.1q has to do with the CRC: http://www.cisco.com/en/US/tech/tk389/tk390/technologies_tech_note09186a0080094665.shtml#topic2

Also, the CRC mathematics is more than just adding up the number of ones.

http://en.wikipedia.org/wiki/Cyclic_redundancy_check#The_mathematics_of_CRCs

ycae · ‎06-10-2007

Hi,

You are right with the CRC. I was checking a bit around and found the same. The CRC is basicaly calculated on the bit stream and as soon as it is out, the FCS will be appended to the frame. However, the CRC will not bring any security to Layer 2. Furthermore if the DA field will suffer a dammage while it is travelling in the network, the frame will most probably not reach its destination.

Correct me if i am wrong.

Yves

satish_b1 · ‎06-13-2007

Hello Brandon,

Thanks for the links. FCS computation indeed looks like involve all fileds of the frame, though some of my friends doubt this. :)

rgds

Satish