Networking
30 July 2020

Fragmentation

By admin@labtinker.net

I think the joy of tinkering is that you don’t have to do anything earth-shattering but just messing around can bring home elements you grasp theoretically or only get chance to see or work on occasionally in the wild. This post is a little ropey as it was never intended for publication, but it’s been a thin few weeks as I’m so-say studying for a cert.

I intended to investigate the effects of fragmentation on VPNs for reasons I can’t quite remember. In the event I only got as far as looking at it on my two dummy ‘ISP’ routers before I found something better to do. However, even this was mildly interesting (well, you can be the judge of that)

My set up was simple, even by my standards: two routers in GNS3. One named RTR-LON for London and the other RTR-FRA for France – (the inconsistency in naming one router after a city and another after a country was my desire to accurately reflect the hodge-podge you find in most real-life networks and in no way a senior moment.)

Figure 1: RTR-LON to RTR-FRA

On the RTR-FRA we have a loopback ip address of 70.70.70.7 and so I did an extended ping from RTR-LON with a packet size of 2000 bytes.

And thus we see a packet with a length of 1500 (the mtu of the interface) and a flag to tell us there are more fragments.

Figure 2: There’s more to come.

The next fragment contains the remainder of the packet

Figure 3: The next fragment.

So the overview in Wireshark looked like this…

Figure 4: Blurry Wireshark capture

OK, so let’s take it to the max. It turns out the biggest packet you can send with extended ping is 18024 on the virtual router I’m usiing.

Figure 5: Turning it up to 11.

And look how many fragments it takes to send one packet (though isn’t a fragment a packet in itself? But, it’s late and we all know what I mean.)

Figure 6: How many fragments?

How many fragments. Go on, count them? To send one mega-ping…. I should get a life, shouldn’t I?