stringtranslate.com

IP fragmentation

An example of the fragmentation of a protocol data unit in a given layer into smaller fragments.

IP fragmentation is an Internet Protocol (IP) process that breaks packets into smaller pieces (fragments), so that the resulting pieces can pass through a link with a smaller maximum transmission unit (MTU) than the original packet size. The fragments are reassembled by the receiving host.

The details of the fragmentation mechanism, as well as the overall architectural approach to fragmentation, are different between IPv4 and IPv6.

Process

RFC 791 describes the procedure for IP fragmentation, and transmission and reassembly of IP packets.[1] RFC 815 describes a simplified reassembly algorithm.[2] The Identification field along with the foreign and local internet address and the protocol ID, and Fragment offset field along with Don't Fragment and More Fragments flags in the IP header are used for fragmentation and reassembly of IP packets.[1]: 24 [2]: 9 

If a receiving host receives a fragmented IP packet, it has to reassemble the packet and pass it to the higher protocol layer. Reassembly is intended to happen in the receiving host but in practice, it may be done by an intermediate router, for example, network address translation (NAT) may need to reassemble fragments in order to translate data streams.[3]

IPv4 and IPv6 differences

The fragmentation algorithm in IPv4.
An example of IPv4 multiple fragmentation. The fragmentation takes place on two levels: in the first one the maximum transmission unit is 4000 bytes, and in the second it is 2500 bytes.

Under IPv4, a router that receives a network packet larger than the next hop's MTU has two options: drop the packet if the Don't Fragment (DF) flag bit is set in the packet's header and send an Internet Control Message Protocol (ICMP) message which indicates the condition Fragmentation Needed (Type 3, Code 4), or fragment the packet and send it over the link with a smaller MTU. Although originators may produce fragmented packets, IPv6 routers do not have the option to fragment further. Instead, network equipment is required to deliver any IPv6 packets or packet fragments smaller than or equal to 1280 bytes and IPv6 hosts are required to determine the optimal MTU through Path MTU Discovery before sending packets.

Though the header formats are different for IPv4 and IPv6, analogous fields are used for fragmentation, so the same algorithm can be reused for IPv4 and IPv6 fragmentation and reassembly.

In IPv4, hosts must make a best-effort attempt to reassemble fragmented IP packets with a total reassembled size of up to 576 bytes. They may also attempt to reassemble fragmented IP packets larger than 576 bytes, but they are also permitted to silently discard such larger packets. Applications are recommended to refrain from sending packets larger than 576 bytes unless they have prior knowledge that the remote host is capable of accepting or reassembling them.[1]: 12 

In IPv6, hosts must make a best-effort attempt to reassemble fragmented packets with a total reassembled size of up to 1500 bytes, larger than IPv6's minimum MTU of 1280 bytes.[4] Fragmented packets with a total reassembled size larger than 1500 bytes may optionally be silently discarded. Applications relying upon IPv6 fragmentation to overcome a path MTU limitation must explicitly fragment the packet at the point of origin; however, they should not attempt to send fragmented packets with a total size larger than 1500 bytes unless they know in advance that the remote host is capable of reassembly.

Impact on network forwarding

When a network has multiple parallel paths, technologies like LAG and CEF split traffic across the paths according to a hash algorithm. One goal of the algorithm is to ensure all packets of the same flow are sent out the same path to minimize unnecessary packet reordering.

IP fragmentation can cause excessive retransmissions when fragments encounter packet loss and reliable protocols such as TCP must retransmit all of the fragments in order to recover from the loss of a single fragment.[5] Thus, senders typically use two approaches to decide the size of IP packets to send over the network. The first is for the sending host to send an IP packet of size equal to the MTU of the first hop of the source-destination pair. The second is to run the Path MTU Discovery algorithm[6] to determine the path MTU between two IP hosts so that IP fragmentation can be avoided.

As of 2020, IP fragmentation is considered fragile and often undesired due to its security impact.[7]

See also

References

  1. ^ a b c Internet Protocol, Information Sciences Institute, September 1981, RFC 791
  2. ^ a b David D. Clark (July 1982), IP Datagram Reassembly Algorithms, RFC 815
  3. ^ Hain, Tony L. (November 2000), Architectural Implications of NAT, RFC 2993
  4. ^ S. Deering; R. Hinden (December 1998), Internet Protocol, Version 6 (IPv6) Specification, RFC 2460
  5. ^ Christopher A. Kent, Jeffrey C. Mogul. "Fragmentation Considered Harmful" (PDF).
  6. ^ Deering, Steve E.; Mogul, Jeffrey (November 1990), Path MTU Discovery, RFC 1191
  7. ^ IP Fragmentation Considered Fragile. September 2020. doi:10.17487/RFC8900. RFC 8900.

External links