Problem s VPN tunely - zrejme fragmentace
Dan Lukes
dan at obluda.cz
Mon Nov 16 10:58:29 CET 2009
Zbyněk Burget wrote:
>>> ip:
>>> 2480402489 total packets received
>>> 10380325 output datagrams fragmented
>>> 39989831 fragments created
>>> 20 datagrams that can't be fragmented
> Mohl bych se zeptat, kde je hranice, kde je jeste mnozstvi fragmentace v
> poradku a kde uz je to moc?
Na TCP by k fragmentaci dochazet v podstate nemelo. Dneska ma naprosta
vetsina TCP komunikace nastaveny "Don't fragment" flag. Na UDP zalezi na
typu provozu. Beznych 512B DNS paketu by se fragmentovat nemelo, ale
vetsi pakety se fragmentovat mohou.
Neexistuje presna hranice. Muzu ti ale poslouzit cisly z nekterych svych
siti (site s pomerne velkymi toky takze "total" citac se protaci a nelze
ho brat vazne, uptime je pres 82 dnu):
ip:
602409910 total packets received
29 fragments received
17 fragments dropped (dup or out of space)
6 fragments dropped after timeout
2 packets reassembled ok
2 output datagrams fragmented
6 fragments created
Dan
More information about the Users-l
mailing list