IP Fragmentation - Not reliable over the Internet?

Emile Aben emile.aben at ripe.net
Wed Aug 28 09:26:10 UTC 2013


On 28/08/2013 08:05, Tore Anderson wrote:
> * Owen DeLong
> 
>> On Aug 27, 2013, at 07:33 , Valdis.Kletnieks at vt.edu wrote:
>>
>>> Saku Ytti and Emile Aben have numbers that say otherwise.  And there must
>>> be a significantly bigger percentage of failures than "pretty close to 0",
>>> or Path MTU Discovery wouldn't have a reputation of being next to useless.
>>
>> No, their numbers describe what happens to single packets of differing sizes.
>>
>> Nothing they did describes results of actually fragmented packets.
> 
> Yes, it did.
> 
> Hint: 1473 + 8 + 20

For Saku: yes. For me: that was my intention, but later I discovered the
Atlas ping does include the ICMP header in it's 'size' parameter so what
I did in effect was 1473 + 20 = 1493 (and not the 1501 I intended).

Redid the tests to a "known good" destination where I knew interface MTU
(1500) and could tcpdump which confirmed that I was looking at
fragmentation. I also took an offline recommendation to do different
packet sizes to try to distinguish fragmentation issues from general
corruption-based packet loss.

Results:
size = ICMP packet size, add 20 for IPv4 packet size
fail% = % of vantage points where 5 packets where sent, 0 where received.
#size	fail%   vantage points
100	0.88	2963
300	0.77	3614
500	0.88	1133
700	1.07	3258
900	1.13	3614
1000	1.04	770
1100	2.04	3525
1200	1.91	3303
1300	1.76	681
1400	2.06	3014
1450	2.53	3597
1470	3.01	2192
1470	3.12	3592
1473	4.96	3566
1475	4.96	3387
1480	6.04	679
1480	4.93	3492 [*]
1481	9.86	3489
1482	9.81	3567
1483	9.94	3118

There is a ~5% difference going up from 1480 to 1481.

As to interpreting this: Leo Bicknell's observations (this is to a
"known good" host, and the RIPE Atlas vantage points may very well have
a clueful-operator bias) stand, so interpret with care. Also: roughly
2/3 of these vantage points are behind NATs that may also have some
firewall(ish) behaviour.

Hope this data point helps interpreting the magnitude of IPv4
fragmentation problems.

Emile Aben
RIPE NCC

[*] redid the 'size 1480' experiment because the first time around it
had significantly less vantage points.



More information about the NANOG mailing list