Transparent IP fragmentation

Question

From what I have understood so far, unlike non-transparent IP fragmentation; where packets are fragmented at the source and reassembled only at the destination; intermediate network systems in transparent IP fragmentation, reassemble and fragment the IP packet while in transit. Given the below example where two end-systems (A) and (B) communicate with each other, each of which is part of subnet1 and subnet3 respectively. Would router1 reassemble IP packet fragments sent by A and then send the whole non-fragmented packet to router2 who would fragment it before sending it to B ? Is this how transparent IP fragmentation works ?

(A) subnet1 ----- router1 ------ subnet2 ------- router2 ------- subnet3 (B)

Answer 1

I think you should read this post which gives you an idea of how it works.

For me the packet is rassemble by router1 sent to router2 and then arrive to B. In all cases B recieve the whole paquet and not fragments made by A.

Answer 2

In normal IPv4 fragmentation, a router will fragment a packet if the MTU of the next interface is smaller than the packet size. Fragmentation occurs on the router(s), but reassembly of the packet fragments is the responsibility of the end-system.

The use of fragmentation and reassembly between two intermediate systems in the path is not directly covered by the IPv4 RFC, so there is no real standard for how this happens. Basically, the end of one link will fragment a packet to fit the MTU of the link, and the other end of the link will reassemble the fragments to the original packet. This is not something that is common because it places a large burden on the routers. In normal fragmentation, the burden of reassembly is place on the end-system.

From RFC 791, Internet Protocol:

The basic internet service is datagram oriented and provides for the fragmentation of datagrams at gateways, with reassembly taking place at the destination internet protocol module in the destination host. Of course, fragmentation and reassembly of datagrams within a network or by private agreement between the gateways of a network is also allowed since this is transparent to the internet protocols and the higher-level protocols. This transparent type of fragmentation and reassembly is termed "network-dependent" (or intranet) fragmentation and is not discussed further here.

The full description of fragmentation in the RFC:

Fragmentation

Fragmentation of an internet datagram is necessary when it originates in a local net that allows a large packet size and must traverse a local net that limits packets to a smaller size to reach its destination.

An internet datagram can be marked "don't fragment." Any internet datagram so marked is not to be internet fragmented under any circumstances. If internet datagram marked don't fragment cannot be delivered to its destination without fragmenting it, it is to be discarded instead.

Fragmentation, transmission and reassembly across a local network which is invisible to the internet protocol module is called intranet fragmentation and may be used [6].

The internet fragmentation and reassembly procedure needs to be able to break a datagram into an almost arbitrary number of pieces that can be later reassembled. The receiver of the fragments uses the identification field to ensure that fragments of different datagrams are not mixed. The fragment offset field tells the receiver the position of a fragment in the original datagram. The fragment offset and length determine the portion of the original datagram covered by this fragment. The more-fragments flag indicates (by being reset) the last fragment. These fields provide sufficient information to reassemble datagrams.

The identification field is used to distinguish the fragments of one datagram from those of another. The originating protocol module of an internet datagram sets the identification field to a value that must be unique for that source-destination pair and protocol for the time the datagram will be active in the internet system. The originating protocol module of a complete datagram sets the more-fragments flag to zero and the fragment offset to zero.

To fragment a long internet datagram, an internet protocol module (for example, in a gateway), creates two new internet datagrams and copies the contents of the internet header fields from the long datagram into both new internet headers. The data of the long datagram is divided into two portions on a 8 octet (64 bit) boundary (the second portion might not be an integral multiple of 8 octets, but the first must be). Call the number of 8 octet blocks in the first portion NFB (for Number of Fragment Blocks). The first portion of the data is placed in the first new internet datagram, and the total length field is set to the length of the first datagram. The more-fragments flag is set to one. The second portion of the data is placed in the second new internet datagram, and the total length field is set to the length of the second datagram. The more-fragments flag carries the same value as the long datagram. The fragment offset field of the second new internet datagram is set to the value of that field in the long datagram plus NFB.

This procedure can be generalized for an n-way split, rather than the two-way split described.

To assemble the fragments of an internet datagram, an internet protocol module (for example at a destination host) combines internet datagrams that all have the same value for the four fields: identification, source, destination, and protocol. The combination is done by placing the data portion of each fragment in the relative position indicated by the fragment offset in that fragment's internet header. The first fragment will have the fragment offset zero, and the last fragment will have the more-fragments flag reset to zero.