11-02-2017 03:01 PM - edited 03-05-2019 09:25 AM
Can anybody point me to some resources discussing how PFRv3 (as part of an IWAN solution) handles fragmented IP packets (or not) ?
We have an issue with our corporate IWAN solution whereby parent IP fragments are processed by PFRv3 yet child IP fragments seem to be ignored. Thus fragments of an IP packet can travel down different channels (network links) of our network and arrive out of order at a destination. Where destinations are wireless access points (that explicitly don't support out of order traffic) - this causes lots of problems.
11-03-2017 05:23 AM
I don't have an answer but I am curious.
Fragmentation is carried out at the IP layer (Layer 3). The result is that, apart from the initial fragment, we lose a lot of information. We know the IP protocol (ICMP, TCP, UDP etc.) but we lose the transport information i.e. the ports the application is communicating on.
I have some questions about your setup:
Is your IWAN policy configured for DSCP values or application id's?
Are the hosts marking the DSCP values or are you relying on inbound marking on the router?
11-03-2017 06:09 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide