NEPacketTunnelProvider virtual interface MTU

Hi everyone,

We are working on creating a virtual network interface using NEPacketTunnelProvider, with an MTU of 1500 bytes.

I would like to understand what will happen if we attempt to write packets of approximately 65,000 bytes to this interface. Specifically, will the packets be fragmented based on protocol and flags, will they be dropped, or is there another unexpected behaviour we should anticipate?

Thanks

Answered by DTS Engineer in 820081022

I would expect this to behave like any other network interface:

  • If the sender has opted out of fragmentation (IP_DONTFRAG), the system will drop the packet.

  • If not, it’ll fragment it.

Best practice is for the sender to avoid IP-level fragmentation, which typically means that it’ll limit its sends based on the path MTU.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Missed mentioning this is for iOS.

Please reply as a reply. If you reply in the comments, it’s easy for me to miss. See Quinn’s Top Ten DevForums Tips for this and other tips.

My previous response presumed that you were talking about this from the perspective of a networking app using networking APIs to communicate over your interface. For example, an app using BSD Sockets to send a large UDP datagram over your interface, or receive a large UDP datagram from your interface.

However, this:

Also to give some more context we are using this API -writePackets:withProtocols: in NEPacketTunnelFlow to inject packet.

is a very different story. The interface can’t transmit packets larger than the MTU. That’s kinda the definition of MTU.

Let me walk you through an example:

  1. An app sends a large UDP datagram to a remote peer over your interface.

  2. IP sees that the datagram is bigger than the interface MTU and fragments it.

  3. The system then calls your packet tunnel provider to send each fragment. All of these are smaller than the MTU.

  4. The remote peer responds. Let’s assume that this is also a large datagram, so that response is fragmented. Your packet tunnel provider receives these fragments and passes them up to the system.

  5. IP collects these fragments, reassembles them, and passes them up to the app.

This makes the job of a typical packet tunnel provider very simple: It just transfers packets across the tunnel, all of which are smaller than the MTU. It sounds like you’re trying to create a packet tunnel provider that’s ‘smart’ in some way. If so, there’ll be a bunch of extra work for you to do.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"
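
Step 2 of the walk-through above (IP fragmenting a datagram larger than the interface MTU, or dropping it when the sender set don't-fragment), as an added example that is not part of the thread and not Apple's implementation. It assumes an IPv4 header without options; `fragment_ipv4`, `ipv4_checksum` and `sample_packet` are names made up for this sketch, and the sample packet is constructed.

```python
import struct

DF, MF = 0x4000, 0x2000  # don't-fragment / more-fragments bits (RFC 791)

def ipv4_checksum(header: bytes) -> int:
    """One's-complement sum over the header's 16-bit words."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def fragment_ipv4(packet: bytes, mtu: int = 1500) -> list:
    """Return the packets to put on a link with this MTU; [] means dropped."""
    if len(packet) < 20 or packet[0] != 0x45:
        raise ValueError("expected IPv4 with a 20-byte header (no options)")
    if struct.unpack("!H", packet[2:4])[0] != len(packet):
        raise ValueError("total-length field does not match packet size")
    if mtu < 68:
        raise ValueError("IPv4 requires an MTU of at least 68 bytes")
    if len(packet) <= mtu:
        return [packet]                      # fits, send unchanged
    flags_off = struct.unpack("!H", packet[6:8])[0]
    if flags_off & DF:
        return []                            # sender opted out: drop
    base = flags_off & 0x1FFF                # input may itself be a fragment
    chunk = (mtu - 20) // 8 * 8              # offsets count 8-byte units
    payload, out = packet[20:], []
    for start in range(0, len(payload), chunk):
        data = payload[start:start + chunk]
        last = start + chunk >= len(payload)
        field = (base + start // 8) | ((flags_off & MF) if last else MF)
        hdr = bytearray(packet[:20])
        hdr[2:4] = struct.pack("!H", 20 + len(data))
        hdr[6:8] = struct.pack("!H", field)
        hdr[10:12] = b"\x00\x00"             # zero before recomputing
        hdr[10:12] = struct.pack("!H", ipv4_checksum(bytes(hdr)))
        out.append(bytes(hdr) + data)
    return out

def sample_packet(payload_len: int, df: bool = False) -> bytes:
    """Constructed sample: protocol 17 (UDP), RFC 5737 documentation addresses."""
    hdr = bytearray(struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len,
                                0x1234, DF if df else 0, 64, 17, 0,
                                bytes([192, 0, 2, 1]), bytes([198, 51, 100, 2])))
    hdr[10:12] = struct.pack("!H", ipv4_checksum(bytes(hdr)))
    return bytes(hdr) + bytes(payload_len)
```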
