Authentication Header, the part of
IPsec that provides authentication. AH is designed to "provide
connectionless integrity and data origin authentication for
IP datagrams, and to provide protection against
replays." While it is supposed to authenticate the entire IP
packet, some
fields in the
IP header (
TTL,
Checksum,
Type of Service,
IP Flags, and
Fragment Offset are excluded in
IPv4, as well as several of the
IP Header Options).
AH is described and defined by RFC 2402.