Rockhopper VPN

IPsec/IKEv2-based VPN software for Linux

• Top
• About
• Getting Started
• Screenshots
• Download
• Documents
• Contact

IKEv2 Message Fragmentation

- Enable IKEv2 Fragmentation.

IKEv2 Fragmentation is disabled by default. You can enable it on Global Configuration tab of Web console.

- Global Configuration[Tab] > Global Settings[Tab]

1. Check Enable IKEv2 Fragmentation.
   
   
2. Save the global configuration.
   
   
3. Restart Rockhopper like this (e.g. Ubuntu):
   
   # sudo /etc/init.d/rockhopper restart
   or
   # sudo systemctl restart rockhopper
   
   

- Configure the service.

You can change the IKEv2 Fragmentation's configuration by adding related settings on Global Configuration tab of Web console.

- Global Configuration[Tab] > Global Settings[Tab]

1. Click Add IKE SA's Settings button and show the Add a New Global Setting (IKE SA) dialog.
   
   
2. Select a setting name and enter a setting value on the dialog, then click OK button.
   
   
3. Save the global configuration.
   
   
4. Restart Rockhopper like this (e.g. Ubuntu):
   
   # sudo /etc/init.d/rockhopper restart
   or
   # sudo systemctl restart rockhopper
   
   

Name	Value	Default value	Description
ikev2_max_fragments	Number of fragments.	64	The maximum number of received and queued packets fragmented by remote peer.
ikev2_frag_max_packet_size	The sum of bytes.	32768 (bytes)	The maximum length of the sum of received packets fragmented by remote peer.
ikev2_frag_size_v4	Number of bytes	0 (N/A)	The fixed length of a fragmented packet(IPv4). If not specified, the length is calculated based on MTU of a source interface to send packets. - MTU(e.g. 1500) - IPv4_header(20) - UDP_header(8).
ikev2_frag_size_v6	Number of bytes	0 (N/A)	The fixed length of a fragmented packet(IPv6). If not specified, the length is calculated based on MTU of a source interface to send packets. - MTU(e.g. 1500) - IPv6_header(40) - UDP_header(8).
ikev2_frag_use_min_size	1 (enable) or 0 (disable)	0 (disabled)	If enabled, a value of ikev2_frag_min_size_v4 or ikev2_frag_min_size_v6 is always used as the fragmentation length.
ikev2_frag_min_size_v4	Number of bytes	548 (bytes)	The minimum length of a fragmented packet (IPv4).
ikev2_frag_min_size_v6	Number of bytes	1232 (bytes)	The minimum length of a fragmented packet (IPv6).
ikev2_frag_rx_timeout	Number of seconds	60 (seconds)	The timeout interval to receive all fragmented packets. If it expires, Rockhopper just drops the queued packets and waits for retransmission by remote peer from the begining.

- RFC

• Internet Key Exchange Protocol Version 2 (IKEv2) Message Fragmentation [RFC7383]

Back to Top

Copyright © 2011 T.HANADA All Rights Reserved.