IP Fragmentation - Not reliable over the Internet?

• Previous message (by thread): IP Fragmentation - Not reliable over the Internet?
• Next message (by thread): IP Fragmentation - Not reliable over the Internet?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 30/08/2013 16:36, Benno Overeinder wrote:
> On 08/30/2013 01:58 PM, Randy Bush wrote:
>>> In a study using the RIPE Atlas probes, we have used a heuristic to
>>> figure out where the fragments where dropped.  And from the Atlas
>>> probes where IP fragments did not arrive, there is a high likelihood
>>> the problem is with the last hop to the Atlas probe.
>>
>> i wonder if this is correlated with the high number of probes being
>> behind nats.
> 
> That would be a viable explanation, although we have not tried to
> fingerprint the probes to figure out if this was true.
> 
> If we will rerun the experiments in the future, we should spent more
> effort into identifying the router/middlebox that is giving the IP
> fragmentation problems (drops or blocking PMTUD ICMP).

Maybe this provides a bit of insight:
>From a test last week from all RIPE Atlas probes to a single "known
good" MTU 1500 host I compared probes where I had both a ping test with
ipv4.len 1020 and ipv4.len 1502.
behind NAT probes: 12%  1020 bytes ping worked while 1502 failed
non-NATted probes:  6%    ""

hth,
Emile Aben
RIPE NCC

• Previous message (by thread): IP Fragmentation - Not reliable over the Internet?
• Next message (by thread): IP Fragmentation - Not reliable over the Internet?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]