[ih] Fragmentation [internet-history Digest, Vol 84, Issue 4]
Brian E Carpenter
brian.e.carpenter at gmail.com
Tue May 27 13:26:02 PDT 2014
Tony,
On 28/05/2014 02:49, Tony Li wrote:
> On May 26, 2014, at 6:04 PM, Jack Haverty <jack at 3kitty.org> wrote:
>
>> Related curiosity question - does Internet traffic today actually get Fragmented? How's that been working?
>
> Effectively, fragmentation has been a total bust.
>
> The good news is that the world has standardized on Ethernet, so the only real MTU is 1500B. Nevertheless, there are many islands of Jumbo Ethernet.
>
> First, the performance of fragmentation has always been given short shrift. Router vendors never had significant motivation to make this fast.
>
> Second, Path MTU Detection (PMTUD) largely doesn’t work. It got added to the stack too late, and there are too few implementations of it. Before we could get it deployed, the Great DoS Wars started, with ICMP as the primary weapon of choice, and filtering kicked in. Today, ICMP is largely useless and reaches only a very small proportion of the net. Future network design either requires that we operate without feedback at all, or we provide a cryptographically secure way of authenticating arbitrary nodes rapidly and without subjecting ourselves to authentication DoS attacks.
>
> Third, IEEE refuses to standardize Jumbo Ethernet. Basically, their attitude is that anything that’s above 1500B is non-standard, non-interoperable, and evil. The IETF refuses to touch it because it’s clearly a link layer issue. It’s become an SDO no-man’s-land. So folks out there select large MTUs for their private data centers, but have to do strange things for departing traffic. And every data center is different.
I would add:
Fourth, fragmentation breaks deep packet inspection, so fragments simply get
dropped by many firewalls and server load balancers.
> And so it goes,
Or rather, doesn't go...
Brian
> Tony
>
>
>
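Added example, not part of the original message: a sketch of why a filter that does no reassembly cannot classify later fragments, which is the mechanism behind the "fourth" point above. All function names, the port-443 policy and the sample packet are constructed for illustration.

```python
import struct

SRC, DST = bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7])  # documentation addresses

def ipv4(payload, ident, more_frags, offset_bytes, proto=6):
    """Constructed IPv4 packet: 20-byte header, no options, checksum left at 0."""
    flags_frag = (0x2000 if more_frags else 0) | (offset_bytes // 8)
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), ident,
                       flags_frag, 64, proto, 0, SRC, DST) + payload

def fragment(packet, mtu):
    """Split as a router would: every piece but the last carries a multiple of 8 bytes."""
    ihl = (packet[0] & 0x0F) * 4
    ident, = struct.unpack("!H", packet[4:6])
    data, step = packet[ihl:], (mtu - 20) // 8 * 8
    return [ipv4(data[o:o + step], ident, o + step < len(data), o, packet[9])
            for o in range(0, len(data), step)]

def classify(packet):
    """Return (kind, dst_port); dst_port is None when the packet has no L4 header."""
    ihl = (packet[0] & 0x0F) * 4
    flags_frag, = struct.unpack("!H", packet[6:8])
    if flags_frag & 0x1FFF:                      # non-zero offset: payload bytes only
        return "non-first-fragment", None
    kind = "first-fragment" if flags_frag & 0x2000 else "unfragmented"
    if packet[9] in (6, 17) and len(packet) >= ihl + 4:   # TCP or UDP ports
        return kind, struct.unpack("!H", packet[ihl + 2:ihl + 4])[0]
    return kind, None

def stateless_filter(packet, allowed_ports=frozenset({443})):
    """Hypothetical port-based policy with no reassembly state."""
    _, port = classify(packet)
    return "accept" if port in allowed_ports else "drop"

# Constructed sample: TCP header (50000 -> 443) plus 3000 bytes of data.
TCP = struct.pack("!HHIIBBHHH", 50000, 443, 0, 0, 0x50, 0x18, 65535, 0, 0)
ORIGINAL = ipv4(TCP + b"A" * 3000, ident=0x1234, more_frags=False, offset_bytes=0)

def demo(mtu=1500):
    """Classify and filter each fragment of the sample datagram at the given MTU."""
    return [classify(f) + (stateless_filter(f),) for f in fragment(ORIGINAL, mtu)]

if __name__ == "__main__":
    for row in demo():
        print(row)
```

Only the first fragment carries the TCP ports, so the later ones match no rule and are dropped, and the destination can never reassemble the datagram.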