08-01-2013 11:24 AM - edited 03-18-2019 01:33 AM
Hello experts,
After capturing VSC Control and Expressway packets with Wireshark, I realized that the DF bit is set for each media RTP packet flowing outbound from the devices, if and when they are used as MTP for the streams.
Is there a way to turn this feature off ?
Before someone answers that there is an implementation of the PMTUD RFC on the boxes, I am fully aware of it, but it does not help in may case.
Thank you.
08-05-2013 12:58 PM
Hi,
Have you seen this:
With the release of X7 code for the Telepresence Video Communications Server (VCS), RFC 4821 is supported. When enabled, this allows the VCS to be able to respond to ICMP type 3, code 4 (Destination unreachable, fragmentation needed, DF flag is set) messages. The VCS will then readjust the frame size of the packet and retransmit. Below is a brief description on how to enable and disable this feature on the VCS:
The VCS X7 software now supports RFC4821:
IP RFC4821 Mode:
Determines when RFC4821 Packetization Layer Path MTU Discovery is used by the VCS network interface.
Enabled: Packetization layer MTU probing is always performed.
Auto: Disabled by default, enabled when an ICMP black hole is detected.
Disabled: Packetization layer MTU probing is not performed.
Default: Disabled
Example: xConfiguration IP RFC4821 Mode: Enabled
This feature is useful if you have a situation where fragmentation is occuring across a link or there is a potential for consistent congestion on the link.
08-05-2013 11:39 PM
Hi Ahmad,
Yes, as I mentioned in my previous post I am fully aware of this functionality, the only problem being that it must be enabled on every router hop in the network, and SPs very rarely or almost never enable it, or rely on PMTUD.
So I am wondering what the rationale was behind setting the DF bit in the IP packets, even for UDP traffic.
The thing I am missing is the possibility to turn the DF bit set to off, or adjust the MTU manually for all these frames.
Thanks,
Mihail
08-06-2013 12:36 AM
Hi Mihail,
RFC4821 provide mechanism to detect unreachable UDP port, for if there is link congestion.
It uses ICMP Type 3 code 3 -Destination not reachable when a UDP port is blocked.
If there is congestion on link, far-end or intermediate devices does not support the MTU as present value, it will send ICMP type 3 code 4 fragmentation needed.
If DF bit (Don't Fragment bit) is set in IP header flag, it will be informed as well.It does not pose any security threat from what I know and it will not affect the normal communication of the VCS.
regards, Ahmad
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: