Forum Discussion

Cirrocumulus

Dec 26, 2012

How to clear Don't Fragment (DF) bit

there is some virtual server that have a problem that packet segment lost when MTU = 1500 so i want to clear DF bit to fix this problem , and how to clear it? than...

config

design

kridsana

Cirrocumulus

Jan 04, 2013

When client ping 1500 Byte (some is 1482) to that problem virtual server (letter X.X.X.X) and X.X.X.X reply with DF bit

but first hop is switch cisco nexus 7000 and (probaly checkpoint firewall) and what it does is checkpoint drop packet and sent " ICMP Destination unreachable (Fragmentation needed) " to X.X.X.X

this picture is some of all topology

http://upic.me/i/dp/f5-firsthop.png

ps. In linux based ICMP request will set DF bit , but Did ICMP reply from F5 is DF bit set ? >>> this is problem make checkpoint drop ICMP reply packet (cause ICMP reply have more than 1500 bytes and DF bit is set (so it'll not fragmented)) ......but i didn't sure Is F5 resend smaller ICMP reply. I'll investigate more.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

How to clear Don't Fragment (DF) bit

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

Virtual Fragmentation Should Not Result in Network Fragmentation

Microservices – application fragments need application services

VPN fragmented IP packets dropped

F5 APM redirect when the URI contains a # (hashtag) / URI fragmentation

Issues with TCP Fragmentation?

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS