[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

IP packet fragmentation



How are IP security transforms applied to fragmented packets (for
example a 2000 byte PING which is fragmented into a 1500 byte fragment
(header+data) and  548 byte fragment (header+data))?.  Is the packet
reassembled in the outbound direction and then the security transform
applied to the entire reassembled packet?, or is the security transform
applied to the first 1500 byte fragment, and 548 byte fragment
independently?

Raul Olaya


Follow-Ups: