D-Link DFL-210-WCF-12 Product Manual - Page 522
Fragmented ICMP, Minimum Fragment Length, Reassembly Timeout, Max Reassembly Time Limit, NoLog
UPC - 790069601545
View all D-Link DFL-210-WCF-12 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 522 highlights
13.7. Fragmentation Settings Chapter 13. Advanced Settings • NoLog - No logging is carried out under normal circumstances. • LogSuspect - Logs duplicated fragments if the reassembly procedure has been affected by "suspect" fragments. • LogAll - Always logs duplicated fragments. Default: LogSuspect Fragmented ICMP Other than ICMP ECHO (Ping), ICMP messages should not normally be fragmented as they contain so little data that fragmentation should never be necessary. FragmentedICMP determines the action taken when NetDefendOS receives fragmented ICMP messages that are not either ICMP ECHO or ECHOREPLY. Default: DropLog Minimum Fragment Length Minimum Fragment Length determines how small all fragments, with the exception of the final fragment, of a packet can be expressed in bytes. Although the arrival of too many fragments that are too small may cause problems for IP stacks, it is usually not possible to set this limit too high. It is rarely the case that senders create very small fragments. However, a sender may send 1480 byte fragments and a router or VPN tunnel on the route to the recipient subsequently reduce the effective MTU to 1440 bytes. This would result in the creation of a number of 1440 byte fragments and an equal number of 40 byte fragments. Because of potential problems this can cause, the default settings in NetDefendOS has been designed to allow the smallest possible fragments, 8 bytes, to pass. For internal use, where all media sizes are known, this value can be raised to 200 bytes or more. Default: 8 Reassembly Timeout A reassembly attempt will be interrupted if no further fragments arrive within Reassembly Timeout seconds of receipt of the previous fragment. Default: 65 Max Reassembly Time Limit A reassembly attempt will always be interrupted Reassembly Time Limit seconds after the first received fragment arrived. Default: 90 Reassembly Done Limit Once a packet has been reassembled, NetDefendOS is able to remember reassembly for this number of seconds in order to prevent further fragments, for example old duplicate fragments, of that packet from arriving. Default: 20 522