cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
339
Views
0
Helpful
3
Replies

To prevent the last IP-Fragment not be a RUNT

jkodali
Level 1
Level 1

Sometimes on our IP fragmented network, last fragments are falling below the size of 64 bytes and our filters are dropping them.Is there any workaround to configure that all the IP fragments will atleast of size 64 bytes.

3 Replies 3

Kevin Dorrell
Level 10
Level 10

This shouldn't be an issue. Even if the last IP fragment is less than 64 bytes (or even if a fragment of a telnet session is a single character), the layer 2 should always pad this out so that the frame comes to 64 bytes. That way you don't get runts.

But you say "our filters are dropping them". What filters are you talking about here?

BTW, it is interesting to contemplate how layer 2 pads the frame. Many years ago, I saw some equipment from a manufacturer that shall remain nameless, that padded the frame to 64 bytes, but did not clear that part of memory first. What got transmitted in the pad included random bits of whatever was in memory at the time. Security hazard or what! ;-)

Kevin Dorrell

Luxembourg

whatever device is sending out the runts is not working properly. It is not necessarily a router. Many applications hand large packets to TCP that IP has to fragment before the host sends them out. See if the runt packets are from a particular host or application. (hint: Watch out for Oracle/TNS).

Another thing to look out for is a half-duplex full-duplex mismatch between the switch and the host. They should be both full- or both half- or both auto-. But NOT auto- on one side and full- on the other.

Kevin Dorrell

Luxembourg

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco