Solved: IP Fragmentation - 2 Questions

kfarrington · ‎03-16-2005

Please can anyone help with these questions.

I actually have a problem with GRE tunnels and IP fragments but below, have just used FDDI example.

host2-------rtr1--------rtr2--------rtr3====mtu4000=====host1

host1 sits on an FDDI ring and has an MTU of 4000, host 1 sends a packet to host 2 and rtr3 to rtr2 to rtr1 are all ethernet 1500 mtu.

Q1. Does rtr3 send 3 fragments to rtr2, then rtr2 reasembles all 3 fragments to form the whole packet, then fragments the packet again to send to rtr1. rtr1 reasembles the packets to get the whole packet, and then fragments the packet again to send to host1

Q2. When the intermediate routers fragment the packet, does all the upper layer protocol headers get send within the payload (ie TCP/UDP headers) or are they stripped out in any way?

Kind regards,

Ken

Richard Burts · ‎03-16-2005

Ken

I believe that your statements about 1st packet and 2nd packet are correct.

HTH

Rick

HTH

Rick

View solution in original post

marikakis · ‎03-16-2005

Routers do not normally store initial fragments.

Detailed handling of fragments is more common for firewalls.

Please have a look at the following URL (Introduction, 5th paragraph) :

http://www.cisco.com/en/US/tech/tk827/tk369/technologies_white_paper09186a00800949b8.shtml#intro

About how ACLs handle fragments, have a look at the flowchart in the same document:

http://www.cisco.com/en/US/tech/tk827/tk369/technologies_white_paper09186a00800949b8.shtml#flowchart

M.

View solution in original post

Richard Burts · ‎03-16-2005

Ken

If host1 sends a large frame it will be fragmented at rtr3. The fragments pass through rtr2 and rtr1 and the reassembly of the packete is done at host2.

The general principle is that once fragmentation is performed the fragments are forwarded and reassembly is the responsibility of the destination. There would appear to be an exception to that if there is IPSec, GRE, or IPSEC with GRE where a packet might be fragmented at the entry to the tunnel and is reassembled at the exit from the tunnel.

If a packet is fragmented the header information is sent as part of the first fragment. It is not repeated in following fragments. I am not aware of any situation where the header information would be stripped out.

HTH

Rick

HTH

Rick

kfarrington · ‎03-16-2005

That is fantastic, many thx.

one point to clarify of yours.

So, the payload after the IP header contains the upper layer header information (ie TCP, UDP e

tc etc), and this is just sent as payload data,

1st packet

contains 1st (before application data) upper layer TCP/UDP header info (as IP packet payload), and then real application data (in payload ie, my name)

2nd packet

contains just more data (my address) and does not contain the tcp or udp headers etc etc

Can you confirm the above statements are true for 1st packet and 2nd packet,

So, how would a router filter a fragment packet based on L4 and above headers? Does it store the initial fragment, and that has a pointer or reference which is the same for all fragments and the router acts on that reference?

Can you just confirm that one small point.

And, thx very much for your reply.

As tony tiger says gggggggrrrreeeaaatttttt :)

Cheers,

Ken

Richard Burts · ‎03-16-2005

Ken

I believe that your statements about 1st packet and 2nd packet are correct.

HTH

Rick

HTH

Rick

marikakis · ‎03-16-2005

Routers do not normally store initial fragments.

Detailed handling of fragments is more common for firewalls.

Please have a look at the following URL (Introduction, 5th paragraph) :

http://www.cisco.com/en/US/tech/tk827/tk369/technologies_white_paper09186a00800949b8.shtml#intro

About how ACLs handle fragments, have a look at the flowchart in the same document:

http://www.cisco.com/en/US/tech/tk827/tk369/technologies_white_paper09186a00800949b8.shtml#flowchart

M.

kfarrington · ‎03-16-2005

Many thx to Rick and Mark - Brilliant.

:)