Are packet fragmentation and reassembly supported by S series switches

2

S series switches can send fragmented data packets with a large data volume and also reassemble received fragmented packets.

Other related questions:
Whether the S series switches support fragmentation reorganization
The S-series switches support fragmented data packets with large amounts of data and reorganize them at the peer end.

Does MPLS ping support fragmented packets
MPLS ping of the AR router does not support fragmented packets.

Whether the NAT ALG supports the fragmented packet processing
The NAT ALG does not support the fragmented packet processing.

Principles of ping packet fragmentation tests
Question: During routine troubleshooting, some customers require that the results of pinging large packets are used to estimate link performance for handling Ethernet service packet loss or bandwidth insufficiency problems. Generally, they require that the packets with a length of 65,500 bytes can be pinged. However, they do not tell the test principles and emphasize that the tests, especially tests for private line VIP customers, must meet this requirement. Test method: ping ip -l 65500 Answer: The following analyzes the test from the four indicators of an Ethernet performance test: 1. Packet loss rate A PC can ping a packet containing a maximum of 65,500 bytes, but the default MTU value of a PC is 1500. Therefore, the large packet needs to be fragmented before the ping operation. The PC can ping a maximum of 1472 bytes without fragmentation. Assume that the large packet is fragmented by 1472 bytes. In this case, at least 45 packets (the result of 65500 divided by 1472 is about 45) need to be sent to the peer end for the ping test. The ping operation is successful only after all the 45 packets are sent to the peer end and the peer end returns an ICMP response. It can be deduced that the possibility of the failure to ping large packets is greater than the possibility of the failure to ping small packets. To perform this test, you need to first ensure that the pinged small packets are not lost, or even each ping packet must contain 1472 bytes, because the default packet length is only 32 bytes. 2. Throughput 65,500 bytes x 8 = 524 kbits. The minimum granularity of an MSTP service is 2 Mbit/s, and the default timeout interval of the ping test is 4 seconds. However, if there is other service traffic during the test, the ping operation may fail. 3. Latency In contrast to the test without fragmentation, the latency of the test requiring fragmentation is larger. The ping test interval, which is 4 seconds by default, is sufficient only if the bandwidth meets requirements. 4. Back to back According to a local mirroring analysis, pinging a packet of 60,000 bytes can be completed in 0.02 seconds after the PC fragments the packet, and the burst traffic reaches 500 kbit/0.01s, equivalent to 50 Mbit/s. According to the analysis of throughput, a packet of 65,500 bytes requires only a bandwidth of 524 kbit/s. Therefore, the test principle is similar to that of the back-to-back system. Suggestion and conclusion: 1. The MSTP service provides a hard pipe, and the service rate is less than 100 Mbit/s or 10 Mbit/s. The minimum granularity is 2 Mbit/s. When the burst traffic exceeds the pipe rate during the large packet ping, the board buffer is required. After the buffer is full, the overflow data will be discarded. Therefore, the test on a board with small buffer cannot meet the requirement. 2. The large packet transmit speed is dependent on the PC processing capability, especially the CPU usage. As a result, sometimes a packet of 65,500 bytes can be used in the ping operation but sometimes a packet of only about 20,000 bytes can be used. That is, the performance is not reliable. 3. The EFGT buffer of EoS boards is small and the EFGS buffer is relatively large. Therefore, a packet of 65,500 bytes can be used in the ping operation on boards with an EFGS buffer.

Configure ACLs on S series switches to restrict communications between users
For details about the configuration on S series switches (except S1700 switches), click Typical Configuration Examples and choose Typical Security Configuration > Typical ACL Configuration > Example for Using ACLs to Restrict Mutual Access Between Network Segments.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top