IP Fragmentation

Fernando Gont fernando at gont.com.ar
Thu Aug 28 18:46:56 CDT 2008


At 08:44 p.m. 28/08/2008, Glen Kent wrote:

>I understand that routers usually must send this error only when a
>fragmentation is required and they recieve a packet with DF bit set.
>However, in this case this router would drop the packet (for it doesnt
>support fragmentation) and sending an ICMP error back to the host,
>warning it that its packets will get dropped seems to be a better
>option.
>
>OTOH, what do most of the implementations do if they send a regular IP
>packet and receive an ICMP dest unreachable - Fragmentation reqd
>message back? Do they fragment this packet and then send it out, or
>this message is silently ignored?

You may want to have a look at this IETF I-D: 
http://www.gont.com.ar/drafts/icmp-attacks/draft-ietf-tcpm-icmp-attacks-03.txt. 
The PMTUD modification described in the draft ships (at least) in 
OpenBSD and NetBSD.

Thanks!

Kind regards,

--
Fernando Gont
e-mail: fernando at gont.com.ar || fgont at acm.org
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1








More information about the NANOG mailing list