Paul Dong So wrote:

> Hi All,
>
> Please shed a light on this as I am confused.
>
> Fragmentation for UDP/TCP:
> * Only the first fragment contains the UDP or TCP header, not
> the sequential fragments?

Yes that's right. Only the first fragment contains the UDP or TCP header. The rest of the fragments contain upper-layer headers (if they didn't fit into the first one) and data. The packet gets chopped up, just like you would chop up a zucchini for cooking.

> Fragmentation for IP packets
> * every fragmented packet will contain ip header?

Every fragment contains the IP header. The IP header must be there in its entirety. It could be up to 60 bytes with all its options. Usually it's 20 bytes. (The options aren't used much.)

According to RFC 791, the minimum fragment size is 68 bytes. This includes an IP header with all option data filled in and 8 bytes of the next layer.

It turns out that this isn't really big enough though! With a full IP header and 8 bytes of TCP, you wouldn't get the TCP code bits (such as SYN, ACK, RST, FIN) in the first fragment. This means the first packet could get past firewalls that might be blocking SYNs, for example. The firewall might allow the second packet, not recognizing that it is a SYN packet because it starts part-way into the TCP header! Oh what fun we have here. RFC 1858 talks about this issue and recommends filtering tiny fragments.

> MTU 1500 bytes, doesn't it mean the data payload can not exceed
> 1500 bytes or the whole packet size(payload+header) can not exceed
> 1500 bytes?

The term MTU gets used at all layers! You have to know the context when the term gets used. Usually 1500 bytes would refer to payload at the data-link Ethernet layer. An Ethernet frame is 1518 bytes counting the header and 4-byte CRC. This leaves 1500 bytes for all the other layers, including, possibly, IP, TCP, etc.

From IP's point of view the MTU might be 1480. This means an IP packet can carry 1480 bytes of data, following the IP header itself. This might be useful on an Ethernet LAN when IP options are not used. The term "MTU" is unfortunately used inconsistently.
You have to consider the context to know what it really is referring to, as I mentioned.

_______________________________

Priscilla Oppenheimer
www.troubleshootingnetworks.com
www.priscilla.com

> Thanks in advance
>
> Paul
>
> Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=60648&t=60643
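
Added example, not part of the message above: a Python sketch of the tiny-fragment filtering that RFC 1858 recommends, run against the 68-byte case the reply describes (60-byte IP header plus 8 bytes of TCP). The function names, the sample packets and the TMIN value of 16 are assumptions made for this illustration.

```python
import struct

IPPROTO_TCP = 6
TMIN = 16  # assumed minimum: TCP flags sit at header byte 13, rounded up to two 8-byte units

def tiny_fragment_verdict(packet: bytes) -> str:
    """Return 'drop' or 'pass' for one raw IPv4 packet or fragment."""
    if len(packet) < 20:
        return "drop"                      # shorter than a minimal IP header
    ver_ihl, _tos, total_len, _ident, flags_frag, _ttl, proto = struct.unpack(
        "!BBHHHBB", packet[:10])
    ihl = (ver_ihl & 0x0F) * 4             # IP header length in bytes (20..60)
    if ver_ihl >> 4 != 4 or ihl < 20 or not ihl <= total_len <= len(packet):
        return "drop"                      # malformed or truncated
    if proto != IPPROTO_TCP:
        return "pass"                      # these two checks only concern TCP
    frag_offset = flags_frag & 0x1FFF      # fragment offset, in 8-byte units
    if frag_offset == 0 and total_len - ihl < TMIN:
        return "drop"                      # direct check: flags not in first fragment
    if frag_offset == 1:
        return "drop"                      # indirect check: fragment starts inside TCP header
    return "pass"

def build(ihl_words, frag_offset, more, payload, proto=IPPROTO_TCP):
    """Constructed sample fragment: zero-filled options, checksum left at 0."""
    header = struct.pack("!BBHHHBBH4s4s", 0x40 | ihl_words, 0,
                         ihl_words * 4 + len(payload), 0x1234,
                         (0x2000 if more else 0) | frag_offset, 64, proto, 0,
                         bytes([192, 0, 2, 1]), bytes([198, 51, 100, 2]))
    return header + bytes(ihl_words * 4 - 20) + payload

# Constructed 20-byte TCP header with only SYN (0x02) set in the flags byte.
SYN = struct.pack("!HHIIBBHHH", 40000, 80, 1, 0, 5 << 4, 0x02, 8192, 0, 0)

if __name__ == "__main__":
    cases = {
        "68-byte first fragment (60 IP + 8 TCP)": build(15, 0, True, SYN[:8]),
        "second fragment carrying the flags": build(15, 1, False, SYN[8:]),
        "ordinary first fragment": build(5, 0, True, SYN + bytes(12)),
        "ordinary later fragment": build(5, 4, False, bytes(16)),
    }
    for name, pkt in cases.items():
        print(f"{name}: {tiny_fragment_verdict(pkt)}")
```
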

