Hi all –
I’m wondering about speedfusion behavior with regard to fragmenting packets. Does the peplink send packets larger than the WAN interface’s MTU which it does layer-3 packet fragmenting on?
Does the peplink expect the ability to send fragmented ip/udp/tcp packets past to its next-hop interface? The next-hop after the speedfusion on one of my wan’s is a cisco router which has a serial interface connected to the layer-2 WAN device. This cisco router is currently configured to drop fragmented packets – in ios-land this is done by applying the ip virtual-reassembly drop-fragments command to the relevant cisco interfaces. With this configuration, the cisco virtual-reassembly feature will simply drop any fragmented packets coming into it.
Should I disable this fragment filtering?
More generally, are there recommendations regarding the use or non-use of the cisco ‘virtual fragment reassembly’ feature? Prior to migrating to the peplink, we had been using the virtual fragment reassembly feature on the cisco – not as a fragment filter but doing actual fragment reassembly with ‘ip virtual-reassembly.’ This ios feature reassembles fragmented packets before forwarding them along, it was needed because we had a fine-grained firewall defined in our cisco router – and this was the best/easiest way to get correct packet filtering behavior of fragmented packets.
Many thanks,