Hi Pall,
I think this rule probably can apply to only
the first fragment, I think we certainly can have fragments of a smaller size smaller
then 40 bytes of data (especially the last fragment).
Is this done by all deployed routers?
Thanks,
Vishwas
From: pmrn
[mailto:pmrn@mac.com]
Sent: Wednesday, February 16, 2005
4:44 PM
To: Vishwas
Manral
Cc: opsec@ops.ietf.org
Subject: Re: TCP small fragments
The minimum packet length TCP/IP packet must carry the entire packet
information, i.e transport and network header plus 1 byte (41 bytes for
TCP/IP). This means that the header portion is not to be fragmented.
On Feb 16, 2005, at 5:51 AM, Vishwas Manral
wrote:
IP packets containing TCP payload can be fragmented.
Firewalls have checks on TCP flags to check if there are illegal combinations
of TCP flags. However if the TCP header in the IP packet itself is fragmented,
it may not be easy to track such a packet.
What is the default behavior for such packets in which the
TCP header itself is not completely there (I know a lot of hosts crash on
getting such packets)? How do ISP deal with such scenarios?
Learn like you will live for ever and
Live like you will die tomorrow-Gandhi