Buy or Renew
Buy or Renew
COMING SOON: Umbrella and Secure Access release notes are coming to Cisco Community. The community will be in read-only August 16 – 19. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2564
Views
0
Helpful
0
Replies

DF Bit clear clarification

ahmad82pkn
Level 2
Level 2

‎04-12-2017 05:46 PM - edited ‎03-05-2019 08:20 AM

Hi,

as per this document when DF bit is set to clear, it allows router to fragment the packets.

http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_dplane/configuration/15-mt/sec-ipsec-data-plane-15-mt-book/sec-df-bit-ovride.html

The clear keyword clears the DF bit in the outer IP header, and the router may fragment the packet to add the IP Security (IPSec) encapsulation.

But later in the same document it says

"In following example, the router is configured to globally clear the setting for the DF bit and copy the DF bit on the interface named Ethernet0. Thus, all interfaces except Ethernet0 will allow the router to send packets larger than the available MTU size; Ethernet0 will allow the router to fragment the packet"

Shouldnt it cause all interfaces to fragment the packet except ethernet 0 ? and ethernet 0 will drop it and send icmp type 3 code 4?

Please shed some light to clear my concepts.

1 person had this problem
Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card