Packet fragmentation question - Firewalls

This is a discussion on Packet fragmentation question - Firewalls ; In an inter-networking fragmentation scheme (i.e. end-to-end), AIUI assembly only occurs at tranmission destination, even if the packets cross multiple networks. This is in contrast to the intra-network fragmentation scheme, which reassembles at every gateway. My question relates to the ...

+ Reply to Thread
Results 1 to 5 of 5

Thread: Packet fragmentation question

  1. Packet fragmentation question

    In an inter-networking fragmentation scheme (i.e. end-to-end), AIUI assembly
    only occurs at tranmission destination, even if the packets cross multiple
    networks. This is in contrast to the intra-network fragmentation scheme,
    which reassembles at every gateway.

    My question relates to the way that the fragmentation occurs at each
    gateway. Obviously when the message leaves the source station it is
    fragmented in a standard manner. This involves splitting the data into
    multiple packets (generally the size of the maximum transmission unit
    [MTU]). The original data is split into packets that are equal to the MTU
    minus the packet overheads (e.g. header etc). However, I'm not entirely sure
    what happens when the message reaches the next gateway.

    Am I correct in saying that the packet created at the source station is then
    fragmented (if necessary), at the next gateway? So, say a 1000 octet packet
    (60 overhead + 940 data) reaches the next gateway - would that individual
    packet then be fragmented? So, then say the MTU of the next network is 800
    octets, and the 1000 octet packet was received - would the 940 octets of
    data be extracted, then split into two packets, one of 800 octets (data +
    overhead), another with the leftover (remaining data + overhead)?

    TIA.



  2. Re: Packet fragmentation question

    In article ,
    "John E" wrote:

    > In an inter-networking fragmentation scheme (i.e. end-to-end), AIUI assembly
    > only occurs at tranmission destination, even if the packets cross multiple
    > networks. This is in contrast to the intra-network fragmentation scheme,
    > which reassembles at every gateway.


    Your second scheme doesn't make any sense. By definition there are no
    gateways involved in intra-network communications. In any case,
    reassembly never occurs anywhere other than at the destination.

    >
    > My question relates to the way that the fragmentation occurs at each
    > gateway. Obviously when the message leaves the source station it is
    > fragmented in a standard manner. This involves splitting the data into
    > multiple packets (generally the size of the maximum transmission unit
    > [MTU]). The original data is split into packets that are equal to the MTU
    > minus the packet overheads (e.g. header etc). However, I'm not entirely sure
    > what happens when the message reaches the next gateway.
    >
    > Am I correct in saying that the packet created at the source station is then
    > fragmented (if necessary), at the next gateway? So, say a 1000 octet packet
    > (60 overhead + 940 data) reaches the next gateway - would that individual
    > packet then be fragmented? So, then say the MTU of the next network is 800
    > octets, and the 1000 octet packet was received - would the 940 octets of
    > data be extracted, then split into two packets, one of 800 octets (data +
    > overhead), another with the leftover (remaining data + overhead)?


    Yes. Unless the packet has the Don't Fragment flag set, in which case
    the router will drop the packet and send an ICMP Fragmentation Required
    but DF Set message back to the origin.

    --
    Barry Margolin, barmar@alum.mit.edu
    Arlington, MA
    *** PLEASE post questions in newsgroups, not directly to me ***
    *** PLEASE don't copy me on replies, I'll read them in the group ***

  3. Re: Packet fragmentation question

    On Apr 9, 1:11 pm, "John E" wrote:

    > Am I correct in saying that the packet created at the source station is then
    > fragmented (if necessary), at the next gateway? So, say a 1000 octet packet
    > (60 overhead + 940 data) reaches the next gateway - would that individual
    > packet then be fragmented? So, then say the MTU of the next network is 800
    > octets, and the 1000 octet packet was received - would the 940 octets of
    > data be extracted, then split into two packets, one of 800 octets (data +
    > overhead), another with the leftover (remaining data + overhead)?


    Yes. Fragments are fragmented precisely the same way non-fragments are
    fragmented.

    DS


  4. Re: Packet fragmentation question

    Hello,

    Barry Margolin a écrit :
    >
    > In any case,
    > reassembly never occurs anywhere other than at the destination.


    However it appears that some firewalls and NATs do packet reassembly
    because they need it for stateful packet inspection.

    [Is this huge crosspost necessary ? FU2 comp.protocols.tcp-ip]

  5. Re: Packet fragmentation question

    On Apr 9, 3:11 pm, "John E" wrote:
    > In an inter-networking fragmentation scheme (i.e. end-to-end), AIUI assembly
    > only occurs at tranmission destination, even if the packets cross multiple
    > networks. This is in contrast to the intra-network fragmentation scheme,
    > which reassembles at every gateway.
    >
    > My question relates to the way that the fragmentation occurs at each
    > gateway. Obviously when the message leaves the source station it is
    > fragmented in a standard manner. This involves splitting the data into
    > multiple packets (generally the size of the maximum transmission unit
    > [MTU]). The original data is split into packets that are equal to the MTU
    > minus the packet overheads (e.g. header etc). However, I'm not entirely sure
    > what happens when the message reaches the next gateway.
    >
    > Am I correct in saying that the packet created at the source station is then
    > fragmented (if necessary), at the next gateway? So, say a 1000 octet packet
    > (60 overhead + 940 data) reaches the next gateway - would that individual
    > packet then be fragmented? So, then say the MTU of the next network is 800
    > octets, and the 1000 octet packet was received - would the 940 octets of
    > data be extracted, then split into two packets, one of 800 octets (data +
    > overhead), another with the leftover (remaining data + overhead)?
    >
    > TIA.


    Why do you want want fragmentation? Gateways are always pathways out
    of your network. They are always routers.


+ Reply to Thread