cserna_FTNT
Staff
Article Id 193020
Description
This article explains how to prevent fragmentation in a wireless controller-based architecture.

Solution
One of the most important design concerns in a wireless controller-based infrastructure is IP fragmentation, because it reduces performance and causes problems when passing traffic across the connection. There is a tunnel between the AP and the controller, and the tunnel adds information to each packet. This overhead causes fragmentation when the resulting packet exceeds the maximum permitted packet size.

The tunnel overhead leaves less space in the packet for the payload. If the client sends frames above a certain threshold, adding the tunnel headers increases the packet size beyond the Ethernet MTU, which is normally about 1500 bytes unless jumbo frames are used. As mentioned, this causes network latency and jitter and decreases throughput.

To avoid fragmentation of client packets, enable TCP Maximum Segment Size (MSS) adjustment. This makes it possible to rewrite the TCP SYN packets so that the packets sent from the client to the controller through the tunnel are small enough.

To achieve that on AP devices, adjustments can be made by using the commands:
config wireless-controller wtp-profile
    edit FAP321C-default
        set ip-fragment-preventing {tcp-mss-adjust | icmp-unreachable}
        set tun-mtu-uplink {0 | 576 | 1500}
        set tun-mtu-downlink {0 | 576 | 1500}
    next
end

Note that the only values permitted for tun-mtu are 0, 576, or 1500. For an MTU of 1500, use 576 to avoid any possibility of fragmentation.

This configuration can be applied at the profile level, or these values can be overridden on a specific unit.

The methods offered to prevent fragmentation are:
  • tcp-mss-adjust. Controls the size of the packets generated.
  • icmp-unreachable. The FortiAP drops packets that have the “Don’t Fragment” bit set in the IP header and are large enough to cause fragmentation, and sends an ICMP type 3 “Destination Unreachable” packet with code 4 “Fragmentation Needed and Don’t Fragment was Set” back to the wireless controller. This causes wireless clients to send smaller TCP and UDP packets.
