ip碎片有多糟糕 [英] How bad is ip fragmentation

问题描述

据我所知，当发送ip消息时，be和我的数据包目的地之间的网络路径中的每一跳将检查下一跳的MTU是否大于我发送的数据包的大小。如果是这样，则数据包将被分段，并且两个数据包将分别发送到下一跳，仅在目的地重新组装（或者，在某些情况下，在遇到的第一个NAT路由器处）。
据我了解，这件事情可能很糟糕，但我真的不明白为什么。

I understand that when sending ip messages around, each hop in the network path between be and my packet's destination will check if the next hop's MTU is bigger than the size of the packet I sent. If so, the packet will be fragmented and the two packets will be separately sent to the next hop, only to be reassembled at destination (or, in some cases, at the first NAT router encountered). As far as I understand, this thing can be pretty bad, but I don't really understand why.

• 我明白了如果连接倾向于丢弃大量数据包，丢失单个片段意味着我必须重新发送整个数据包（这实际上是我自己想出的唯一的事情）


• 是否存在我的数据包会被丢弃而不是被分割吗？


• 如何识别数据包片段？我可以100％确定它们会被正确重新组装吗？例如，如果我将两个相同长度的ip数据包几乎同时发送到同一个目的地，那么两个片段将被转换的可能性有多大，比如AAA，BBB重新组装成ABA，BAB？

原则上，如果没有丢弃数据包并且正确地重新组装片段，实际上使用数据包碎片似乎是一个好主意，以节省本地带宽，避免发送越来越多的标头而不只是一个大包。

In principle, if packets aren't dropped and fragments are reassembled correctly, actually using packet fragmentation seems like a good idea to save on local bandwidth and avoid having to send more and more headers instead of just one big packet.

谢谢

推荐答案

据我所知，数据包将被丢弃而不是分段的唯一情况（除非它会被丢弃的情况），是标记为不碎片的数据包。这些数据包将被丢弃而不是被分段。

To my knowledge, the only case where packets will be dropped rather than fragmented (barring cases where it would be dropped anyway), is packets which are marked "don't fragment". These packets are to be discarded rather than being fragmented.

分段数据包在其标头中具有标识符，片段偏移量和更多片段字段，当它们组合在一起时，允许目标主机在收到所有片段后可靠地重新组装数据包。第一个片段的偏移量为零，最后一个片段的片段标志设置为零。如果两个数据包的标头发生变异以便交换它们的片段偏移量，那么仍然可能（尽管非常不可能）重新组装错误的数据包，但它们的校验和仍然有效。发生这种情况的概率基本上为零。请记住，IP不提供任何机制来确保数据有效负载的完整性，只提供标头中控制信息的完整性。

Fragmented packets have identifier, fragment offset, and more fragments fields in their headers that, when combined, allow the destination host to reliably reassemble the packet upon receipt of all the fragments. The first fragment's offset is zero, and the last fragment has the more fragments flag set to zero. It is still possible (although very unlikely) to reassemble an incorrect packet if two packets' headers are mutated so their fragment offsets are exchanged, but their checksums are still valid. The probability of this happening is essentially zero. Bear in mind that IP does not provide any mechanism for ensuring the integrity of the data payload, only the integrity of the control information in the header.

数据包碎片必然会浪费带宽因为每个片段都有[大部分]原始数据报标题的副本。数据包可以分段为每个片段只有8个字节，因此我们可以将最大大小的数据包（60 + 65536字节）分段为60 * 8192 + 65536字节，在最坏的情况下有效载荷增加约750％。我能想出的唯一一个例子是，如果你将数据包分段，以便使用某种频分复用方案并行发送其片段，并知道其他信道是空闲的。在这一点上，它似乎仍然需要更多的工作而不是检测到这种情况并分割数据包而不是仅发送它。

Packet fragmentation necessarily wastes bandwidth because each fragment has a copy of [most of] the original datagram's header. Packets can be fragmented down to only 8 bytes per fragment, so we could have a maximum-sized packet at 60 + 65536 bytes fragmented into 60 * 8192 + 65536 bytes, yielding a payload increase of about 750% in the worst case. The only example I can come up with where you would come out ahead is if you fragmented a packet in order to send its fragments in parallel using some kind of Frequency Division Multiplexing scheme with the knowledge that the other channels are free. At that point, it still seems like it would require more work than would be saved to detect that circumstance and divide the packet rather than just sending it.

所有基本细节关于IP中数据包碎片的机制可以在 IETF RFC 791 中找到，如果你'渴望了解更多信息。

All the basic details about the mechanics of packet fragmentation in IP can be found in IETF RFC 791, if you're hungry for more information.

这篇关于ip碎片有多糟糕的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！