[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: TCP small fragments



Only payload van be fragmented. Not header. Unless someone messed with TCP/IP stack, I do not know of single stack in commercial product, that fragments header.

Reasons are many, least being the ability to reassemble fragments accurately. You want check RFC (exact # escapes me at the moment).

Pall
On Feb 16, 2005, at 6:27 AM, Vishwas Manral wrote:

<x-tad-bigger>Hi Pall,</x-tad-bigger>

<x-tad-bigger> </x-tad-bigger>

<x-tad-bigger>I think this rule probably can apply to only the first fragment, I think we certainly can have fragments of a smaller size smaller then 40 bytes of data (especially the last fragment).</x-tad-bigger>

<x-tad-bigger> </x-tad-bigger>

<x-tad-bigger>Is this done by all deployed routers?</x-tad-bigger>

<x-tad-bigger> </x-tad-bigger>

<x-tad-bigger>Thanks,</x-tad-bigger>

<x-tad-bigger>Vishwas</x-tad-bigger>


<x-tad-bigger>From:</x-tad-bigger><x-tad-bigger> pmrn [mailto:pmrn@mac.com]</x-tad-bigger>
<x-tad-bigger> </x-tad-bigger><x-tad-bigger>Sent:</x-tad-bigger><x-tad-bigger> Wednesday, February 16, 2005 4:44 PM</x-tad-bigger>
<x-tad-bigger>To:</x-tad-bigger><x-tad-bigger> Vishwas Manral</x-tad-bigger>
<x-tad-bigger>Cc:</x-tad-bigger><x-tad-bigger> opsec@ops.ietf.org</x-tad-bigger>
<x-tad-bigger>Subject:</x-tad-bigger><x-tad-bigger> Re: TCP small fragments</x-tad-bigger>

 

Vishwas,

 

The minimum packet length TCP/IP packet must carry the entire packet information, i.e transport and network header plus 1 byte (41 bytes for TCP/IP). This means that the header portion is not to be fragmented.

 

Pall Ramanathan

On Feb 16, 2005, at 5:51 AM, Vishwas Manral wrote:

 

Hi folks,

 

 

 

IP packets containing TCP payload can be fragmented. Firewalls have checks on TCP flags to check if there are illegal combinations of TCP flags. However if the TCP header in the IP packet itself is fragmented, it may not be easy to track such a packet.

 

 

 

What is the default behavior for such packets in which the TCP header itself is not completely there (I know a lot of hosts crash on getting such packets)? How do ISP deal with such scenarios?

 

 

 

Thanks,

 

Vishwas

 

 

 

 

 

 

 

Pall Ramanathan

Work: 678-9359670

Mobile: 678-576-7105

 

www.amalannetworks.com

 

Learn like you will live for ever and Live like you will die tomorrow-Gandhi

Pall Ramanathan
Work: 678-9359670
Mobile: 678-576-7105

www.amalannetworks.com


Learn like you will live for ever and Live like you will die tomorrow-Gandhi