Solved

Counter for amount of packets fragmented by router

Posted on 2014-03-30
4
695 Views
Last Modified: 2014-03-31
Hello experts. I am doing more research on packet fragmentation. I want to avoid my routers doing packet fragmentation themselves and leave it to hosts. In a test environment i have configured it as such that the router is responsible for fragmenting the packets to get over its outside link rated at 1400 MTU. The host doesn't know to fragment yet so it gets to router and is too large so it must fragment. I have verified i am up to this point by setting access lists with the fragments keyword. Inside interface of the router that must fragment shows 0 hits on the fragments ace. On the next hop router
the incoming fragments ACE does show fragments, indicating that the router is fragmenting,

My question is as follows: How do i determine how many packets the router has had to fragment itself? I would think this would be an option but don't see a way to view this. Already looked into:

1. show ip traffic: This does increment but it shows all fragments that have flowed through not how many the router had to generate.
2. show controllers fa0/1: This always stays at 0
0
Comment
Question by:Psy4HA
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 44

Expert Comment

by:Darr247
ID: 39965485
If the router's outside interface must fragment anything over 1400, then it's likely fragmenting all but the last (i.e. partial) packet in a transmission, since the default for most hosts will be 1500 (assuming Jumbo packets aren't enabled on gigabit adapters)... or 1492 for PPPoE.

Try setting the MTU on the hosts' adapters to 1400 bytes and see how many fragments show up on the ACE, then.

Or, just run
ping www.google.com -f -l ####
where #### is the packet size in bytes, decrementing #### until you no longer get the 'Packet needs to be fragmented' message... that should verify how low you need to go to prevent fragmentation to google.com (use the specific domain.tld if you're trying to prevent fragmentation between specific locations).
0
 

Author Comment

by:Psy4HA
ID: 39965498
Thank you I agree. I am mainly looking for a counter to tell me how many fragments the router had to generate. I do realize there are ways to prevent router from fragmenting but wanted to see counters indicating the router is working on fragging. (Without having to set acls) am looking from a hardening perspective or ways to protect my router from fragmenting too much or to quickly see if I have performance fragmentation issues quickly on my network. If I set acls with fragments on outside interface of router it doesn't show fragments like the router fragments the packets after it checks with the acl so I have to check on my next hop router. I am not sure I am doing a good job of explaining
0
 
LVL 17

Accepted Solution

by:
TimotiSt earned 500 total points
ID: 39966292
Take a look at the IF-MIB of SNMP, counters like ipIfStatsReasmOKs should be of use, depending on your exact needs.
It'll depend on the router if it actually supports these MIBs.

I've checked a few snmp walks I have on hand of various devices (3Com and HP switches, UPS systems, etc):

3com-core.walk:RFC1213-MIB::ipReasmTimeout.0 = INTEGER: 30
3com-core.walk:RFC1213-MIB::ipReasmReqds.0 = Counter32: 0
3com-core.walk:RFC1213-MIB::ipReasmOKs.0 = Counter32: 0
3com-core.walk:RFC1213-MIB::ipReasmFails.0 = Counter32: 0
3com-core.walk:RFC1213-MIB::ipAdEntReasmMaxSize.192.168.0.22 = INTEGER: 65500
3com.walk:RFC1213-MIB::ipReasmTimeout.0 = INTEGER: 10
3com.walk:RFC1213-MIB::ipReasmReqds.0 = Counter32: 0
3com.walk:RFC1213-MIB::ipReasmOKs.0 = Counter32: 0
3com.walk:RFC1213-MIB::ipReasmFails.0 = Counter32: 0
3com.walk:RFC1213-MIB::ipAdEntReasmMaxSize.192.168.0.6 = INTEGER: 1500
hp.walk:RFC1213-MIB::ipReasmTimeout.0 = INTEGER: 60
hp.walk:RFC1213-MIB::ipReasmReqds.0 = Counter32: 0
hp.walk:RFC1213-MIB::ipReasmOKs.0 = Counter32: 0
hp.walk:RFC1213-MIB::ipReasmFails.0 = Counter32: 0
hp.walk:RFC1213-MIB::ipAdEntReasmMaxSize.127.0.0.1 = INTEGER: 65535
hp.walk:RFC1213-MIB::ipAdEntReasmMaxSize.192.168.0.2 = INTEGER: 65535
smc.walk:RFC1213-MIB::ipReasmTimeout.0 = INTEGER: 20
smc.walk:RFC1213-MIB::ipReasmReqds.0 = Counter32: 0
smc.walk:RFC1213-MIB::ipReasmOKs.0 = Counter32: 0
smc.walk:RFC1213-MIB::ipReasmFails.0 = Counter32: 0
smc.walk:RFC1213-MIB::ipAdEntReasmMaxSize.4294967232.168.0.3 = INTEGER: 1500
ups01.walk:RFC1213-MIB::ipReasmTimeout.0 = INTEGER: 30
ups01.walk:RFC1213-MIB::ipReasmReqds.0 = Counter32: 0
ups01.walk:RFC1213-MIB::ipReasmOKs.0 = Counter32: 0
ups01.walk:RFC1213-MIB::ipReasmFails.0 = Counter32: 0
ups01.walk:RFC1213-MIB::ipAdEntReasmMaxSize.0.0.0.0 = INTEGER: 65535
ups01.walk:RFC1213-MIB::ipAdEntReasmMaxSize.127.0.0.1 = INTEGER: 65535
ups01.walk:RFC1213-MIB::ipAdEntReasmMaxSize.192.168.0.26 = INTEGER: 65535
ups02.walk:RFC1213-MIB::ipReasmTimeout.0 = INTEGER: 30
ups02.walk:RFC1213-MIB::ipReasmReqds.0 = Counter32: 0
ups02.walk:RFC1213-MIB::ipReasmOKs.0 = Counter32: 0
ups02.walk:RFC1213-MIB::ipReasmFails.0 = Counter32: 0
ups02.walk:RFC1213-MIB::ipAdEntReasmMaxSize.0.0.0.0 = INTEGER: 65535
ups02.walk:RFC1213-MIB::ipAdEntReasmMaxSize.127.0.0.1 = INTEGER: 65535
ups02.walk:RFC1213-MIB::ipAdEntReasmMaxSize.192.168.0.27 = INTEGER: 65535
ups6k.walk:RFC1213-MIB::ipReasmTimeout.0 = INTEGER: 0
ups6k.walk:RFC1213-MIB::ipReasmReqds.0 = Counter32: 0
ups6k.walk:RFC1213-MIB::ipReasmOKs.0 = Counter32: 0
ups6k.walk:RFC1213-MIB::ipReasmFails.0 = Counter32: 0
ups6k.walk:RFC1213-MIB::ipAdEntReasmMaxSize.127.0.0.1 = INTEGER: 1500
ups6k.walk:RFC1213-MIB::ipAdEntReasmMaxSize.192.168.0.28 = INTEGER: 1500

Open in new window

0
 

Author Closing Comment

by:Psy4HA
ID: 39967373
Thank you sir! SNMP was the solution. There is a few objects around this i found:

ipSystemStatsOutFragOKs
ipSystemStatsOutFragCreates

They increment only when the router generates fragments not when hosts do (so not just a counter for frags passing through)

Thanks!
Cory Fulchiron
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

In the hope of saving someone else's sanity... About a year ago we bought a Cisco 1921 router with two ADSL/VDSL EHWIC cards to load balance local network traffic over the two broadband lines we have, but we couldn't get the routing to work consi…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question