Most of the example code I see for using AF_PACKET sockets in linux uses the SOCK_RAW version for sending out ethernet packets. I am hoping to use an AF_PACKET socket with the layer 3 SOCK_DGRAM option for sending out custom UDP packets with a custom IP header. My question is, do I have to handle IP fragmenting in userspace and write multiple fragmented IP packets to the AF_PACKET socket, or can I write one UDP packet with 30K of data and the kernel will fragment it for me?
0
votes
"a custom IP header" Custom in what way? Too custom, and it will be dropped by the next IP process (router, or destination if on the same network). If you need to break up the UDP datagram (not packet; after all, the "D" in UDP is for datagram; frames at data-link, packets at network, datagrams for UDP, and segments for TCP) before packetizing it in IP, then that is not IPv4 fragmentation, and you should avoid IPv4 fragmentation when you can because many routers and firewalls today will drop fragments to prevent fragmentation attacks.
– Ron Maupin
In any case, you really want to limit the size of a UDP datagram to something like 576 bytes because UDP is unreliable, and you will lose datagrams. The less you have in a datagram, the less that will be lost when one goes missing. Have your application-layer protocol break the data into small chunks for UDP delivery.
– Ron Maupin
Thank you for the advice. This is a custom application on an embedded linux device handling multicast in a closed radio network, there are no routers or firewalls, and I don't have control over the application layer or really know how big the datagrams will be. I want to make sure it's robust in case they're larger than 1500, but not sure if I have to implement fragmenting in the userspace part of the AF_PACKET socket or not.
– Aaron
It's not fragmentation, which happens at the network layer. You want to segment the data before the transport layer. Fragmentation happens by IPv4 as a packet passes through an intermediate device, e.g. router, where the IPv4 packet is too large for the MTU of the exiting interface. Fragmentation is actually pretty difficult, and it has been deprecated as we move to IPv6. In any case, you will lose packets on the network, so you want to limit the data contained in UDP datagrams. TCP resends lost data, but UDP does not.
– Ron Maupin
I am operating at the network layer. From man packet(7): "Packet sockets are used to receive or send raw packets at the device driver (OSI Layer 2) level." There is SOCK_RAW, where you read and write ethernet packets and have to build and parse the ethernet headers. Then there is SOCK_DGRAM which "operates on a slightly higher level" where you don't have to worry about ethernet headers, but you do have to construct your own IP header. What I'm not clear on is whether that "slightly higher level" includes handling fragmenting.
– Aaron
