Re: [vpp-dev] Fragmented IP and ACL

Dear Khers, On 5/8/18, khers wrote: > Dear Andrew > > I like to write this test as a testcase, I will work on that in my spare > time. > I like your solution about separate code path, but I think defragmentation > could solve the problem and reassembly may have overhead.

Re: [vpp-dev] Fragmented IP and ACL

Dear Andrew I like to write this test as a testcase, I will work on that in my spare time. I like your solution about separate code path, but I think defragmentation could solve the problem and reassembly may have overhead. In defragmentation, information of fragmented packets is kept and all of

Re: [vpp-dev] Fragmented IP and ACL

Yeah back in the day the fragment reassembly code was not there yet, so there is a choice either to drop all the fragments on the floor, or rely on the receiving TCP stack to drop the non-initial fragments, like IOS did. There is a knob that allows you to choose the behavior between the two by

[vpp-dev] Fragmented IP and ACL

Dear vpp folks I have a simple topology and a permit+reflect rule for udp on destination port 1000 as pasted in this link. I send a big file from 172.20.1.2 to 172.20.1.1 port 1001 with nc and I receive some packets (non first fragment) in second client