North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: MTU path discovery and IPSec

  • From: Valdis.Kletnieks
  • Date: Thu Dec 04 17:58:08 2003

On Thu, 04 Dec 2003 16:40:45 EST, Joe Maimon <[email protected]>  said:

> I agree with all I have snipped.
> I was wondering would it not be wiser for fraggers to frag in half 
> instead of just the overflow?

There's 2 cases here:

1) This is the final frag on the path - if PMTUD is in use, we want to frag
right at the overflow so the connection can use the max (so if we're fragging
from 1500 down to 1410, they end up with 1410 rather than 750).

2) There's an even more restrictive frag further downstream.  We frag from 1500
to 1460, and somebody else frags from 1460 down to 1410.  If you frag at overflow,
you end up with a PMTU of 1410.  If you fragged it in half, you avoid the second
frag but end up with a PMTU of 750.

After several dozen packets, the difference between 750 and 1410 will start to become

Attachment: pgp00011.pgp
Description: PGP signature