IP fragmentation vs. TCP segmentation

[sirbijan]

My question is too basic, but it's been tingling me since forever, so, I decided to ask. We have an IP fragmentaion in the network layer and a TCP segmentation in the transport layer. Considering the data comes down from the top of the OSI model to be put on the wire, one could say at first it gets segmented in TCP in smaller chunks (segments!), then it goes to network layer and if the IP header is too big, it'd be cut again into fragments.
My question is that TCP is so secure (at least what they claim to be), it has 3 way handshake and ... to secure data transfer. But if we have IP fragmentation too, then it means we have to have the same story for the network layer as well! Why do we need to split data 2 times? It's just a little confusing for me, TCP breaks it down, then smaller segments go to Network layer and then they get broken down into little pieces to be able to carry IP header and .... How could we be sure of the network layer? It doesn't have 3 way handshake.

 

[pansophic]

If I recall correctly, IP fragmentation relies on the reconstruction of the TCP packet to determine if the packet arrived successfully (if you drop a fragmented IP packet, the TCP packet will not reconstruct and so a NAK will be sent for that TCP packet). The reason that the data MAY be split twice is simple. You have no way of knowing a priori what the restrictions are for the network layer beyond your LAN. Therefore, TCP will create packets that meet TCP packet limitations and IP packet limitations on your LAN.

If you pass through a network that has IP limitations that are more stringent than yours, the network equipment will split (fragment) your IP packet into two or more IP packets, each containing a portion of your TCP payload. If, on the other end of your connection, the TCP packet is not completely reconstructed (that is why it has both a length and a CRC) then the receiver will send a NAK (Not Acknowledged) packet back to your system which will reissue the same TCP packet, and follow the same process (probably). It is highly unusual to see a fragmented IP packet on a LAN, since there are not any transmission systems involved that would require differing MTU (Maximum Transmission Unit) sizes.

The three-way handshake of TCP is only to provide a "connection oriented" protocol, not for reliable (not secure) data transport. It is the sequence numbering and ACK/NAK protocol that provides reliable data transport.


pansophic

 

[sirbijan]

thank you pansophic, your answer is so complete (and correct of course!)
I was talking to a colleague of mine and he told me we only have IP fragmentation for IPv4 and there's no IP fragmentaion in IPv6. Do you know why?

 

[pansophic]

Actually, I haven't looked at IPv6 at all yet, but I would guess it has to do with transmission facilities. IPv4 was designed to go over low-bandwidth, high-error rate facilities such as dialup and analog satellite links. With IPv6, links are largely digital with excellent forward error correction, meaning very few retransmits. That means that all links can be set to maximum MTU values with an extremely high probability of every bit arriving unchanged. Since larger MTUs are more efficient (less overhead bits) it is likely that all facilities will operate at the maximum MTU size, meaning that fragmentation isn't an issue.

Of course that is pure conjecture on my part.


pansophic