11.4. AH Processing
Before looking at the details of AH encapsulation, let's take a moment to understand how IPsec processes AH packets. The input and output processing is different, of course, so we will treat them separately.
AH Output Processing
When an AH SA is first established, usually through an IKE negotiation, the authentication algorithm and keys are recorded, and the sequence number counter is set to 0. When IPsec determines that an outbound packet should have AH applied, it locates the appropriate SA and performs the following steps.
1. An AH header template is inserted between the IP header and the upper-layer header. The protocol field of the IP header (the next header field in IPv6) is set to 51, the protocol number assigned to AH, and the original value is recorded in the Next Header field of the AH header.
2. AH first checks that incrementing the sequence number counter will not wrap it around to 0. If it would, a new SA (with a new key) is established and its counter initialized to 0; reusing a sequence number under the same key would defeat the receiver's replay protection. In either case, the counter is then incremented and the new value stored in the AH header.
As indicated earlier, the peer can inform AH that it is not checking sequence numbers, in which case AH need not check whether the sequence number has cycled.
3. The remaining AH fields, with the exception of the ICV, are filled in.
4. If required, padding is added after the ICV so that the AH header is a multiple of 32 bits (64 bits for IPv6); the content of the padding is arbitrary.
5. The mutable fields of the IP header (for IPv4: type of service, flags, fragment offset, TTL, header checksum, and any option classified as mutable) and the ICV field of the AH header are zeroed, and the ICV is calculated over the entire IP datagram. If a source routing option is present, the destination address field must hold the final destination address when the ICV is calculated, because that is the value the final recipient will see.
6. The mutable fields are filled in with their real values, and the ICV is stored in the AH header. If a source-routing option is present, the destination address field of the IP header is reset to the next intermediate destination.
7. The IP datagram is placed on the output queue for transmission to its destination.
AH Input Processing
An authenticated IP datagram may have been fragmented on its way to its destination. If so, the fragments must be gathered and the datagram reassembled before AH can do any processing, because the ICV covers the entire original datagram. Once an entire datagram is available, AH performs the following steps.
1. Based on the SPI in the AH header, the destination address in the IP header, and the protocol (AH), the applicable SA is located. If no SA applies to the datagram, the datagram is dropped.
2. If sequence number checking is enabled, AH verifies the sequence number against the antireplay window as described earlier. If the sequence number is too old or is a duplicate, the datagram is dropped. This check comes before the ICV calculation, so a replayed or stale packet costs the receiver only a window lookup rather than a full authentication computation.
3. AH saves a copy of the IP and AH headers, so that their real values can be restored afterward, and zeroes the mutable fields of the IP header and the ICV field of the AH header.
4. The authentication algorithm and key specified in the SA are used to calculate an ICV over the entire packet, and the result is compared with the value received in the AH header. The comparison should take constant time, so that an attacker cannot learn the expected ICV piece by piece from the receiver's timing. If the values do not match, the packet is dropped. If they agree, the antireplay window is updated. Because the window moves only for packets whose ICV verified, an attacker who cannot forge an ICV cannot push the window forward and cause legitimate packets to be rejected as stale.
5. The AH header is removed from the datagram, and the original IP header fields are restored: the protocol field is reset to the value carried in the AH Next Header field, and the total length and header checksum are recomputed. The datagram is placed on the input queue for normal IP processing.
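The output and input procedures above, worked through together in code as an added example that is not part of this book: a Python implementation of AH in transport mode over an option-less IPv4 datagram, using HMAC-SHA1-96 for the ICV. The OutboundSA and InboundSA classes, the 64-entry bitmap layout of the antireplay window, the key, the addresses and the payload are all constructed for the example. The inbound side drops a packet (returns None) for the three reasons listed in the text, compares the ICV in constant time, and advances its window only after the ICV has verified; the outbound side refuses to let the sequence counter wrap, since negotiating a replacement SA is outside the scope of the example.

```python
# Added example, not from the original text: AH transport-mode output and input processing
# for an option-less IPv4 datagram with HMAC-SHA1-96 (RFC 2402/2404 layouts); key and data constructed.
import hashlib, hmac, struct

AH_PROTO, ICV_LEN = 51, 12        # AH protocol number; HMAC-SHA1-96 truncates the tag to 96 bits
AH_LEN = 12 + ICV_LEN             # fixed AH fields + ICV = 24 bytes, a multiple of 32 bits
AH_PAYLOAD_LEN = AH_LEN // 4 - 2  # RFC 2402 "Payload Len": AH length in 32-bit words minus 2

def ipv4_checksum(hdr):
    """Ones-complement checksum of an IPv4 header whose checksum field is zero."""
    total = sum(struct.unpack("!%dH" % (len(hdr) // 2), hdr))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def refresh_checksum(hdr):                 # recompute the checksum of the 20-byte header in hdr
    struct.pack_into("!H", hdr, 10, 0)
    struct.pack_into("!H", hdr, 10, ipv4_checksum(bytes(hdr[:20])))

def build_ipv4(src, dst, proto, payload, ttl=64):
    """Constructed IPv4 datagram: 20-byte header, no options, DF set."""
    hdr = bytearray(struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload),
                                0x1234, 0x4000, ttl, proto, 0, src, dst))
    refresh_checksum(hdr)
    return bytes(hdr) + payload

def ah_icv(key, ip_hdr, ah_fixed, upper):
    """ICV with the mutable IPv4 fields (TOS, flags/offset, TTL, checksum) and the ICV zeroed."""
    h = bytearray(ip_hdr)
    h[1], h[6:8], h[8], h[10:12] = 0, b"\0\0", 0, b"\0\0"
    return hmac.new(key, bytes(h) + ah_fixed + bytes(ICV_LEN) + upper, hashlib.sha1).digest()[:ICV_LEN]

class OutboundSA:
    def __init__(self, spi, key):
        self.spi, self.key, self.seq = spi, key, 0     # counter starts at 0 when the SA is set up

    def protect(self, dgram):
        """Output steps 1-7 for a transport-mode IPv4 datagram (assumes IHL = 5)."""
        if self.seq == 0xFFFFFFFF:                     # step 2: the counter must never wrap
            raise RuntimeError("sequence number exhausted; negotiate a new SA")
        self.seq += 1
        ip_hdr, upper = bytearray(dgram[:20]), dgram[20:]
        next_hdr, ip_hdr[9] = ip_hdr[9], AH_PROTO      # step 1: AH takes the protocol slot
        struct.pack_into("!H", ip_hdr, 2, len(dgram) + AH_LEN)   # new total length (immutable)
        ah_fixed = struct.pack("!BBHII", next_hdr, AH_PAYLOAD_LEN, 0, self.spi, self.seq)
        icv = ah_icv(self.key, bytes(ip_hdr), ah_fixed, upper)   # step 5
        refresh_checksum(ip_hdr)                       # step 6: mutable field filled in last
        return bytes(ip_hdr) + ah_fixed + icv + upper

class InboundSA:
    WINDOW = 64                                        # anti-replay window width
    def __init__(self, spi, key):
        self.spi, self.key, self.top, self.bitmap = spi, key, 0, 0   # bit k of bitmap: top-k seen

    def replay_check(self, seq):
        """True if seq is new and not left of the window; sequence 0 is never valid."""
        if seq == 0 or (seq <= self.top and self.top - seq >= self.WINDOW):
            return False
        return seq > self.top or not (self.bitmap >> (self.top - seq)) & 1

    def replay_update(self, seq):
        if seq > self.top:                             # slide the window right
            self.bitmap = ((self.bitmap << (seq - self.top)) | 1) & ((1 << self.WINDOW) - 1)
            self.top = seq
        else:
            self.bitmap |= 1 << (self.top - seq)

    def verify(self, pkt):
        """Input steps 1-5; returns the original datagram, or None when it is dropped."""
        ip_hdr, rest = bytearray(pkt[:20]), pkt[20:]
        next_hdr, plen, _, spi, seq = struct.unpack("!BBHII", rest[:12])
        if ip_hdr[9] != AH_PROTO or spi != self.spi or (plen + 2) * 4 != AH_LEN:
            return None                                # step 1: no SA matches this packet
        if not self.replay_check(seq):                 # step 2: cheap check before the HMAC
            return None                                # stale or duplicate sequence number
        ah_fixed, icv, upper = rest[:12], rest[12:AH_LEN], rest[AH_LEN:]
        expected = ah_icv(self.key, bytes(ip_hdr), ah_fixed, upper)   # steps 3-4
        if not hmac.compare_digest(expected, icv):     # constant-time comparison
            return None                                # ICV mismatch
        self.replay_update(seq)                        # window moves only after the ICV passes
        ip_hdr[9] = next_hdr                           # step 5: strip AH, restore the header
        struct.pack_into("!H", ip_hdr, 2, len(pkt) - AH_LEN)
        refresh_checksum(ip_hdr)
        return bytes(ip_hdr) + upper

def run_demo():
    key, src, dst = b"\x0b" * 20, bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2])
    payload = b"\x00\x35\x00\x35\x00\x13\x00\x00constructed"    # constructed UDP-like bytes
    dgram = build_ipv4(src, dst, 17, payload)
    out, inb = OutboundSA(0x1000, key), InboundSA(0x1000, key)
    pkt1, pkt2, pkt3 = out.protect(dgram), out.protect(dgram), bytearray(out.protect(dgram))
    r = {"roundtrip": inb.verify(pkt1) == dgram}
    r["replay_rejected"] = inb.verify(pkt1) is None              # seq 1 presented twice
    forged = bytearray(pkt2); forged[-1] ^= 1                     # flip one payload bit
    r["tamper_rejected"] = inb.verify(bytes(forged)) is None
    r["genuine_after_forgery_ok"] = inb.verify(pkt2) == dgram    # forgery did not move the window
    pkt3[8] -= 1; refresh_checksum(pkt3)                          # a router decremented the TTL
    r["ttl_change_ok"] = inb.verify(bytes(pkt3)) == build_ipv4(src, dst, 17, payload, ttl=63)
    return r
```

Running run_demo() returns a dictionary in which every entry is True. The TTL case is the one to look at: a router decremented the TTL and rewrote the header checksum in transit, yet the packet still verifies because both fields were zeroed on each side before the ICV was computed, which is exactly what the mutable-field rule in output step 5 buys. The forged packet fails the ICV without touching the window, so the genuine packet with the same sequence number is still accepted afterwards.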