[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: diffedge handling of fragments



> >>>>> "Sumit" == Sumit Vakil <sumit@calynet.com> writes:
> 
>     Sumit> Michael, Section 4.4.2 of RFC 2401 also says that 
> if the port
>     Sumit> information is not available in a fragment it is 
> to be discarded.
>     Sumit> The exact text is as follows:
> 
>     Sumit> If the packet has been fragmented, then the port 
> information may
>     Sumit> not be available in the current fragment.  If so, 
> discard the
>     Sumit> fragment.  An ICMP PMTU should be sent for the 
> first fragment,
>     Sumit> which will have the port information.  [MAY be supported]
> 
>   Uh, I read this to be in the context of doing ICMP PMTU 
> discovery for
> the end hosts of the MTU of the tunnel. 

Line 3 of the table just above this paragraph (the one that shows how to
derive the port selector for the SPD and the SAD) indicates the condition
when a fragment is to be dropped:
	next header in fragment == transport layer protocol in SPD

My understanding is that the table is to be used for all traffic.  If that
is true, then fragments satisfying the above condition have to be dropped.

Sumit