North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: IP Fragmentation

  • From: Fernando Gont
  • Date: Thu Aug 28 19:51:22 2008

At 08:44 p.m. 28/08/2008, Glen Kent wrote:

I understand that routers usually must send this error only when a
fragmentation is required and they recieve a packet with DF bit set.
However, in this case this router would drop the packet (for it doesnt
support fragmentation) and sending an ICMP error back to the host,
warning it that its packets will get dropped seems to be a better
option.

OTOH, what do most of the implementations do if they send a regular IP
packet and receive an ICMP dest unreachable - Fragmentation reqd
message back? Do they fragment this packet and then send it out, or
this message is silently ignored?

You may want to have a look at this IETF I-D: http://www.gont.com.ar/drafts/icmp-attacks/draft-ietf-tcpm-icmp-attacks-03.txt. The PMTUD modification described in the draft ships (at least) in OpenBSD and NetBSD.


Thanks!

Kind regards,

--
Fernando Gont
e-mail: [email protected] || [email protected]
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1