wireguard.lists.zx2c4.com archive mirror
 help / color / mirror / Atom feed
From: StarBrilliant <coder@poorlab.com>
To: wireguard@lists.zx2c4.com
Subject: Fragmentation on UDP layer possible?
Date: Mon, 13 Aug 2018 02:53:44 +1000	[thread overview]
Message-ID: <CA+7UkwLpoa_n87PKghohdGc5JVpYJdjAB1a8NUpYjx35o5nPWw@mail.gmail.com> (raw)

Hello Wireguard developers and uesrs,

Thank you for having built up this software!

Recently I found some problems transmitting large UDP packets at
certain network environments.

My network architecture consists of 2 layers (Wireguard + VXLAN) to
enable mesh routing based on BGP and Babel routing protocols. To reach
a minimum MTU of 1280 bytes required by IPv6, the network must be able
to send and receive UDP datagrams of 1362 bytes. However some public
Wi-Fi does not allow me to send UDP packets of this big. No matter I
do fragmentation on my box with DF Flag on, or disable PMTUD with DF
flag off, the firewall simply rejects any fragmented IP packet.

I know Wireguard can already do IP layer fragmentation. (Just set
tunnel MTU >= 1441 then fragmentation will be turned on) But in this
network condition we might need to solve the problem on UDP layer.
OpenVPN supports UDP layer fragmentation through the "--fragment X"
option. By specifying this option, UDP packets will be no more than X
bytes. It adds an additional 4-byte overhead per fragment.

My question is, is UDP layer fragmentation technically possible for
Wireguard? If possible, will it introduce incompatibility to old
clients? How much overhead might it have?


And again, thank you!

             reply	other threads:[~2018-08-12 16:42 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-08-12 16:53 StarBrilliant [this message]
2018-08-12 19:06 ` Fragmentation on UDP layer possible? Roman Mamedov
2018-08-12 19:55   ` StarBrilliant
2018-08-14 10:29   ` Baptiste Jonglez
2018-08-14 20:26     ` Derek Fawcus
2018-08-13  6:40 ` Jason A. Donenfeld
2018-08-13  6:53   ` StarBrilliant

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CA+7UkwLpoa_n87PKghohdGc5JVpYJdjAB1a8NUpYjx35o5nPWw@mail.gmail.com \
    --to=coder@poorlab.com \
    --cc=wireguard@lists.zx2c4.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).