1

I implement a simple tunneling and encryption of outgoing IP packets, i.e. each packet+IP header is encrypted and added with a new IP header.

For this purpose I use raw sockets in the sender and the receiver.

I just try to figure out if fragmentation of the outgoing packets can result in breaking the capability to decrypt them again.

Do raw sockets provide the assembled packet or do I need to implement de-fragmentation by myself?

user207421
ransh

2 Answers

0

Assuming that you are referring to RAW sockets of the Berkeley Sockets API (aka BSD Sockets),
the answer is:

No, they do not combine fragments of fragmented IP packets. You will receive the IP packets, including IP header, just as they did arrive at your network interface.

Please note that there exist various implementations of BSD sockets in different operating systems. You didn't say for which system(s) you are developing that code. And despite the fact that the POSIX standard based its network API on BSD sockets, POSIX doesn't specify RAW sockets at all, so a POSIX-conforming operating system doesn't even have to support RAW sockets.

And despite the fact that many systems have adopted the BSD API, among them Linux/Android, FreeBSD, macOS/iOS, and even Windows, there are some important differences in their implementations. E.g. they support different socket options, their socket options behave in different ways, or they support different extensions. As an example for differences in socket options, see here. So your system may theoretically have an option you can set to get reassembled packets. This would not be portable, but RAW sockets themselves are only of limited portability to begin with.

Mecki
-1

This is OS-specific, but generally it depends on how you read them. Take a look at a couple of Linux docs on POSIX sockets:

In particular, if you use a SOCK_RAW then recvfrom will not always return full packets. See the following quotes:

If a message is too long to fit in the supplied buffer, excess bytes may be discarded depending on the type of socket the message is received from.

If len is too small to fit an entire packet, the excess bytes will be returned from the next read.

The receive calls normally return any data available, up to the requested amount, rather than waiting for receipt of the full amount requested.

To your question:

Do raw sockets provide the assembled packet or do I need to implement de-fragmentation by myself?

They don't; you need to de-fragment yourself. If the socket isn't flushed, or fragmentation occurs, the call will return any data available, possibly only partial packets; the expectation is that you restructure them.

diedthreetimes
  • 1
    Doesn't answer the question in any way. – user207421 Oct 17 '19 at 07:34
  • Added an explicit answer. Although, I'd argue the answer was pretty obvious from the explanation. – diedthreetimes Oct 18 '19 at 06:33
  • Everything above 'to your question' is now, and always was, irrelevant. – user207421 Oct 18 '19 at 07:03
  • In "raw" man I find "Note that packet sockets don't reassemble IP fragments, unlike raw sockets". Doesn't it mean that raw sockets reassemble the fragments? – ransh Oct 18 '19 at 07:37
  • There's also a discussion about MTU that seems to imply fragmentation isn't possible with raw sockets. Instead, the socket will return an error. With that said, I'd imagine that in some bizarre network scenarios you could still receive fragments back unless you set the DF bit directly. See also, https://stackoverflow.com/a/4187935/234261. – diedthreetimes Oct 18 '19 at 07:53
  • Thanks, yet I am not sure about the above answer. According to the manual of the "raw" socket, it does reassemble fragments, as I mentioned in the comment above. – ransh Oct 18 '19 at 12:31
  • I'm pretty sure that's a red herring, especially considering the other information in the manual. – diedthreetimes Oct 19 '19 at 20:16
  • Here is some more info. [1] search for "for reassembly", where you'll see metadata in raw sockets used for fragment reassembly. [2] for a description of the DF flag, which as I mentioned is one way to avoid needing to defrag incoming packets (it's set automatically if you use MTU discovery). [1] http://www.cs.binghamton.edu/~steflik/cs455/rawip.txt [2] https://stackoverflow.com/questions/973439/how-to-set-the-dont-fragment-df-flag-on-a-socket – diedthreetimes Oct 19 '19 at 23:03
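
Whichever behaviour a given platform turns out to have, a tunnel receiver like the one in the question can inspect the IPv4 header of each buffer and refuse to decrypt anything that is only a fragment. The C code below is an added example, not code from any poster in this thread; classify_ipv4, make_sample and the sample packets are constructed for illustration, and it assumes the header fields arrive in network byte order as on the wire.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum { IP_MALFORMED = -1, IP_WHOLE = 0, IP_FRAGMENT = 1 };

/* Classify one buffer as read from a raw IPv4 socket (IP header included).
 * Assumption: header fields are in network byte order, as on the wire.
 * On IP_WHOLE / IP_FRAGMENT, *off_bytes receives the position of this
 * payload inside the original datagram. */
int classify_ipv4(const uint8_t *buf, size_t len, size_t *off_bytes)
{
    if (len < 20 || (buf[0] >> 4) != 4)
        return IP_MALFORMED;                     /* too short or not IPv4 */
    size_t ihl = (size_t)(buf[0] & 0x0f) * 4;     /* header length in bytes */
    size_t total = ((size_t)buf[2] << 8) | buf[3];
    if (ihl < 20 || total < ihl || total > len)
        return IP_MALFORMED;                     /* inconsistent lengths */
    unsigned ff = ((unsigned)buf[6] << 8) | buf[7]; /* flags + frag offset */
    *off_bytes = (size_t)(ff & 0x1fff) * 8;      /* offset is in 8-byte units */
    /* MF (0x2000) set: more fragments follow. Offset != 0: not the first
     * piece. The last fragment has MF clear, so both must be checked. */
    return ((ff & 0x2000) || *off_bytes) ? IP_FRAGMENT : IP_WHOLE;
}

/* Constructed sample: 20-byte header, 8 zero payload bytes, documentation
 * addresses, checksum left at zero (not verified here). */
void make_sample(uint8_t out[28], unsigned flags_off)
{
    static const uint8_t hdr[20] = {
        0x45, 0x00, 0x00, 0x1c, 0x12, 0x34, 0x00, 0x00, 0x40, 0x63,
        0x00, 0x00, 192, 0, 2, 1, 192, 0, 2, 2 };
    memset(out, 0, 28);
    memcpy(out, hdr, sizeof hdr);
    out[6] = (uint8_t)(flags_off >> 8);
    out[7] = (uint8_t)(flags_off & 0xff);
}

int main(void)
{
    const unsigned cases[] = { 0x4000 /* DF set, whole datagram */,
                               0x2000 /* first fragment */,
                               0x00b9 /* last fragment, offset 1480 */ };
    for (size_t i = 0; i < 3; i++) {
        uint8_t pkt[28]; size_t off = 0;
        make_sample(pkt, cases[i]);
        int r = classify_ipv4(pkt, sizeof pkt, &off);
        printf("flags/off=0x%04x -> %d (offset %zu)\n", cases[i], r, off);
    }
    return 0;
}
```

A receiver that gets IP_FRAGMENT must either reassemble by IP identification and offset before decrypting, or drop the packet and have the sender avoid fragmentation.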