[Bridge] Re: Any way of knowing a packet's been defragmented

bdschuym at pandora.be bdschuym at pandora.be
Thu Aug 5 08:02:14 PDT 2004

>----- Oorspronkelijk bericht -----
: Henrik Nordstrom [mailto:hno at marasystems.com]
: donderdag
, augustus
 5, 2004 01:10 PM
>Eh.. I do not claim to be a bridge guru, but won't such bridge cause 
>serious havoc on the network much like PMTU blackholes does?

Someone who sets up such a bridge should obviously know what she is doing. That's not our problem.

>You should either reject creating such bridge, or make sure to fragment 
>packets including ICMP MUST FRAGMENT generation when not allowed (which 
>requires an IP).

It's connection tracking that is responsible for the defragmentation and connection tracking WILL refragment the packets, BUT only if the bridge code doesn't drop the packet first.
The bridge code should obviously not send any ICMP message.

More information about the Bridge mailing list