Joe, >> IPv4 fragments do have a higher drop probability than other packets. Just >> from the fact that multiple end-users are sharing a 16 bit identifier space. > > It’s really the fact that NATs that process fragments don’t reassemble before > translating and/or don’t rate limit fragments they generate as already > required by 791 (as explained in 6884).
That’s incorrect. See https://tools.ietf.org/html/rfc7597#section-8.3.3 > A NAT that is broken isn’t helping users share addresses. It’s just broken. I wish it was that simple. Cheers, Ole _______________________________________________ Int-area mailing list Int-area@ietf.org https://www.ietf.org/mailman/listinfo/int-area