<div dir="ltr">The good ones do. You need to reassemble the packets if you want to enforce proper stateful TCP. I wonder how those new network stacks that use MSS to send packets directly to a specific core will handle fragments, since they need all packets for a flow to get assigned to the same core, which means L3/L4 must hash to the same value, and no L4 for later fragments. Unless all fragmented packets get handled on a specific core, like ICMP.</div><div class="gmail_extra"><br><div class="gmail_quote">On Fri, May 6, 2016 at 1:50 PM, David Lang <span dir="ltr"><<a href="mailto:david@lang.hm" target="_blank">david@lang.hm</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class="">On Fri, 6 May 2016, Stephen Hemminger wrote:<br>
<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
On Fri, 6 May 2016 02:00:02 -0700 (PDT)<br>
David Lang <<a href="mailto:david@lang.hm" target="_blank">david@lang.hm</a>> wrote:<br>
<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
On Fri, 6 May 2016, moeller0 wrote:<br>
<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Hi Jonathan,<br>
<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
On May 6, 2016, at 06:44 , Jonathan Morton <<a href="mailto:chromatix99@gmail.com" target="_blank">chromatix99@gmail.com</a>> wrote:<br>
<br>
<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
On 6 May, 2016, at 07:35, Dave Taht <<a href="mailto:dave.taht@gmail.com" target="_blank">dave.taht@gmail.com</a>> wrote:<br>
<br>
this would be a pretty nifty feature for cake to have in this hostile universe.<br>
</blockquote>
<br>
Yes, but difficult to implement since the trailing fragments lose the proto/port information, and thus get sorted into a different queue than the leading fragment. We would essentially need to implement the same tracking mechanisms as for actual reassembly.<br>
</blockquote>
<br>
But the receiver needs to be able to re-segment the fragments so all required information needs to be there; what about looking at src and dst address and the MF flag in the header as well as the fragment offset and scrape proto/port from the leading fragment and “virtually” apply it to all following fragments, that way cake will do the right thing. All of this might be too costly in implementation and computation to be feasible…<br>
</blockquote>
<br>
wait a minute here. If the fragments are going to go over the network as<br>
separate packets, each fragment must include source/dest ip and source/dest<br>
port, otherwise the recipient isn't going to be able to figure out what to do<br>
with it.<br>
<br>
David Lang<br>
</blockquote>
<br>
Fragments are reassembled by IP id, not src/dest port.<br>
Only the first fragment has the L4 header with src/dest port,<br>
all the rest are just data.<br>
<br>
That is why most firewalls reassemble all packets (and then refragment as needed)<br>
to allow matching on port values.<br>
</blockquote>
<br></span>
actually, many firewalls do not reassemble packets, they pass packets through without reassembly.<br>
<br>
what IP id are you referring to? I don't remember any such field in the packet header.<span class="HOEnZb"><font color="#888888"><br>
<br>
David Lang</font></span><div class="HOEnZb"><div class="h5"><br>
<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
For several cases where flow information is necessary most code does:<br>
flowid = is_fragementd(ip) ? ip->id : hash(ip + tcp)<br>
<br>
</blockquote>
</div></div><br>_______________________________________________<br>
Cake mailing list<br>
<a href="mailto:Cake@lists.bufferbloat.net">Cake@lists.bufferbloat.net</a><br>
<a href="https://lists.bufferbloat.net/listinfo/cake" rel="noreferrer" target="_blank">https://lists.bufferbloat.net/listinfo/cake</a><br>
<br></blockquote></div><br></div>