Re: fragmentation

[Henry Spencer <henry@spsystems.net>]

On Sat, 15 Dec 2001, Michael Richardson wrote:
>   The further proposal is that one might ignore the DF bit, fragment the
> packet going into the tunnel first (before ESP processing), producing ESP
> packets that do not need to be fragmented...

There's a potential problem here:  you'd need to remember, somehow,
whether this has been done.  You want to reassemble such force-fragmented
packets, because somebody's sure to have conniptions if a DF packet shows
up in pieces.  However, you *don't* want to try to reassemble packets
which are already fragmented when they reach you, because in the event of
multiple paths, you might never see all the fragments. 

What you need, in effect, is a "link level" fragmentation mechanism for
your virtual wires, logically independent of IP fragmentation.

> The question is then, what is the
> MTU of the tunnel, given that all fragments get lost, and that ICMPs
> generated from DF-set are filtered, etc. 

The MTU of a wire is the largest packet which can pass through without
*end-host-visible* fragmentation.  All kinds of things go on behind the
scenes on some links, e.g. the atrocities inflicted by ATM.  So in this
case, I think the answer is "pick a number". 

                                                          Henry Spencer
                                                       henry@spsystems.net

---

References:

• Re: fragmentation
• From: Michael Richardson <mcr@sandelman.ottawa.on.ca>

---

• Prev by Date: IKE v2 Requirements and backwards compatability
• Next by Date: Re: IKE v2 Requirements and backwards compatability
• Prev by thread: Re: fragmentation
• Next by thread: Re: fragmentation
• Index(es):
  • Main
  • Thread