[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: TCP small fragments

To: Vishwas Manral <Vishwas@sinett.com>
Subject: Re: TCP small fragments
From: pmrn <pmrn@mac.com>
Date: Wed, 16 Feb 2005 06:14:10 -0500
Cc: opsec@ops.ietf.org
In-reply-to: <BB6D74C75CC76A419B6D6FA7C38317B2628B74@sinett-sbs.SiNett.LAN>
References: <BB6D74C75CC76A419B6D6FA7C38317B2628B74@sinett-sbs.SiNett.LAN>

Vishwas,

The minimum packet length TCP/IP packet must carry the entire packet information, i.e transport and network header plus 1 byte (41 bytes for TCP/IP). This means that the header portion is not to be fragmented.

Pall Ramanathan
On Feb 16, 2005, at 5:51 AM, Vishwas Manral wrote:

<x-tad-bigger>Hi folks,</x-tad-bigger>

<x-tad-bigger> </x-tad-bigger>

<x-tad-bigger>IP packets containing TCP payload can be fragmented. Firewalls have checks on TCP flags to check if there are illegal combinations of TCP flags. However if the TCP header in the IP packet itself is fragmented, it may not be easy to track such a packet.</x-tad-bigger>

<x-tad-bigger> </x-tad-bigger>

<x-tad-bigger>What is the default behavior for such packets in which the TCP header itself is not completely there (I know a lot of hosts crash on getting such packets)? How do ISP deal with such scenarios?</x-tad-bigger>

<x-tad-bigger> </x-tad-bigger>

<x-tad-bigger>Thanks,</x-tad-bigger>

<x-tad-bigger>Vishwas</x-tad-bigger>

<x-tad-bigger> </x-tad-bigger>

<x-tad-bigger> </x-tad-bigger>

<x-tad-bigger> </x-tad-bigger>

Pall Ramanathan
Work: 678-9359670
Mobile: 678-576-7105

www.amalannetworks.com

Learn like you will live for ever and Live like you will die tomorrow-Gandhi

References:
- TCP small fragments
  - From: "Vishwas Manral" <Vishwas@sinett.com>

Prev by Date: TCP small fragments
Next by Date: RE: TCP small fragments
Previous by thread: TCP small fragments
Next by thread: RE: TCP small fragments
Index(es):
- Date
- Thread