Revision as of 21:14, 19 May 2011 edit Nick Number (talk \| contribs) Autopatrolled, Extended confirmed users, File movers, Pending changes reviewers, Rollbackers 200,178 edits m repaired link(s) to disambiguation page - (you can help) - Ethereal ← Previous edit		Revision as of 19:18, 9 September 2011 edit undo 63.229.71.9 (talk) fix grammar Next edit →
Line 8: This can be accomplished by several approaches: * To set the IP datagram size equal or smaller than the directly attached medium (Inin our case 802.3) and delegate all further fragmentation of datagrams to routers., ~~Meaning~~meaning that routers decide if the current datagram should be re-fragmented or not. This offloads a lot of work on to routers, and can also result in packets being segmented by several IP routers one after another, resulting in very peculiar fragmentation. * To preview all links between source and destination and select the smallest MTU in this route, assuming there is a unique route. This way we make sure that the fragmentation is done by the sender, using a packet-size smaller than the selected MTU, and there is no further fragmentation en-route. This solution, called [[Path MTU Discovery]], allows a sender to fragment/segment a long [[Internet]] [[packet (information technology)\|packet]], ~~Rather~~rather than relying on routers to perform IP-level fragmentation. This is more efficient and more scalable. It is therefore the recommended method in the current Internet. The problem with this approach is that each packet is routed independently; they may well typically follow the same route, but they may not, and so a probe packet to determine fragmentation may follow a path different from paths taken by later packets. Three fields in the [[IPv4#Header\|IP header]] are used to implement fragmentation and reassembly. The "Identification", "Flags" and "Fragment Offset" fields. Line 51: Because an IP internet can be connectionless, fragments from one datagram may be interleaved with those from another at the destination. The "Identification field" uniquely identifies the fragments of a particular [[datagram]]. The source system sets "Identification" in each datagram to a unique value. ~~For~~for all datagrams using the same source IP address, destination IP address, and "Protocol" values for the lifetime of the datagram on the internet. This way the destination can distinguish which incoming fragments belong to a unique datagram and buffer all of them until the last fragment received. The last fragment sets the "More Fragment" bit to 0 and this tells the receiving station to start reassembling the data if all fragments have been received. The following is a real-life fragmentation example: Line 134: </code> Note that ~~Only~~only the first fragment contains the ICMP header and all remaining fragments are generated without the ICMP header. Two important points here: * In some datalink protocols such as Ethernet, ~~Only~~only the first fragment contains the full upper layer header., ~~Meaning~~meaning that other fragments look like beheaded datagrams. * Additional overhead imposed over network because all fragments contains their own IP header. Additional overhead = (number_of_fragments - 1) * (ip_header_len);

IP fragmentation attack: Difference between revisions