IPv4 Fragmentation and Reassembly Explained (With Real-World Examples)

Introduction

When data is transported across a network, it doesn’t always travel as one big block. Instead, it is broken into smaller chunks called IP packets (or datagrams). Each packet contains a header and a data segment. In IPv4, these packets have size limits and sometimes need to be broken down further before they can move across a network. This process is known as IPv4 fragmentation, and at the destination, the packets are put back together again, which is called reassembly.

Think of it like sending a very long letter through the postal system. If the envelope is too small, you’ll split the letter across multiple envelopes, number them, and send them separately. The receiver then reassembles them in order.

In this article, we’ll explore why fragmentation is needed, how it works in IPv4, the fields involved in fragmentation, reassembly, and some real-world issues that come with it.

IPv4 Datagram Size and Limits

An IPv4 packet has a maximum size of 65,535 bytes. This comes from the fact that the total length field in the IPv4 header is 16 bits long, which can represent values up to 2¹⁶ – 1 = 65,535.

• The minimum header size is 20 bytes.
• That means the maximum data (payload) that can be sent in a packet is:
  65,535 – 20 = 65,515 bytes.

While IPv4 supports packets this large, most data link layers (like Ethernet or Wi-Fi) cannot handle such big packets. That’s where MTU (Maximum Transmission Unit) comes in.

Why is Fragmentation Needed?

Different data link layers have their own MTU (Maximum Transmission Unit), which is the largest packet size they can handle (including their own headers). If an IP packet is larger than the MTU of the network it’s traveling through, it must be split into smaller packets.

For example, here are some common MTU sizes:

If a packet of 2000 bytes needs to travel across this link, it must be broken down into smaller fragments.

Without fragmentation, oversized packets would simply be dropped, resulting in failed communication. By splitting a large packet into smaller pieces, IPv4 ensures that data can still be transmitted across networks with different MTU values.

Think of it like sending a large sofa through a doorway. If the doorway is too small, you take the sofa apart, move the pieces, and reassemble them in the living room.

Notice how all of these are much smaller than the 65,535 bytes maximum of IPv4. This means large packets must be broken down into smaller fragments to travel safely.

Fragmentation Process

Fragmentation is the process of breaking a large IPv4 packet into smaller packets that fit within the MTU. This can be done either by the sender or by intermediate routers.

Let’s consider an example:
If a packet of 4,250 bytes arrives at a router with an MTU of 1,500 bytes, it cannot be sent as-is. The router will fragment it into multiple smaller packets, each fitting within 1,500 bytes.

Fragmentation relies on specific IPv4 header fields:

1. Identification

• A 16-bit field used to uniquely identify fragments belonging to the same original packet.
• All fragments of a given packet carry the same identification value.
• Example: If two large packets from the same device are fragmented, each set of fragments has its own unique ID to keep them separate.

2. Flags

• A 3-bit field that controls fragmentation:
  • DF (Don’t Fragment): If set to 1, the packet cannot be fragmented. If fragmentation is needed but DF = 1, the packet is dropped, and an ICMP error is sent back to the sender.
  • MF (More Fragments): If set to 1, it indicates that more fragments follow. The last fragment sets MF = 0.

3. Fragment Offset

• A 13-bit field that tells where this fragment’s data fits into the original packet.
• It is measured in 8-byte blocks (scaling factor of 8). This helps reassemble fragments in the correct order.

Reassembly Process

Reassembly is performed only at the destination device. Routers along the path may fragment packets, but they do not reassemble them.

Steps of reassembly:

1. The destination checks the Identification field to group fragments belonging to the same packet.
2. The Fragment Offset and MF flag are used to arrange fragments in order.
3. The last fragment (MF = 0) tells the receiver that reassembly is complete.

Because packets may take different paths in the network, they may arrive out of order. The reassembly logic ensures they are reconstructed properly before passing data to the application.

Real-World Example of Fragmentation

Suppose a 4,250-byte packet must cross a network with an MTU of 1,500 bytes.

• First fragment: 1,480 bytes of data + 20 bytes header
• Second fragment: 1,480 bytes of data + 20 bytes header
• Third fragment: Remaining 1,290 bytes of data + 20 bytes header

All three fragments will carry the same Identification number. The Fragment Offsets will tell the destination where each piece belongs.

Implementation Issues with Fragmentation

While fragmentation is useful, it also brings challenges:

1. Performance Impact: Fragmentation adds delay and requires extra processing.
2. Bandwidth Overhead: Each fragment carries its own header, which increases bandwidth usage.
3. Packet Loss Sensitivity: If one fragment is lost, the entire original packet must be retransmitted.
4. Security Risks: Attackers sometimes exploit fragmented packets in DoS (Denial-of-Service) attacks to overwhelm systems.
5. Complexity: Incorrect implementations can lead to corrupted or unreassembled data.

This is why network engineers often try to avoid fragmentation whenever possible.

Fragmentation vs Reassembly in Practice

• Fragmentation: Can happen at the sender or along the network path.
• Reassembly: Only happens at the destination. Intermediate routers never reassemble.
• Efficiency: Networks generally try to avoid fragmentation using techniques like Path MTU Discovery, which allows the sender to learn the smallest MTU along the path and adjust packet sizes before sending.

How to Avoid Fragmentation

Instead of relying on fragmentation, modern networks use techniques to prevent it:

• Path MTU Discovery (PMTUD): This process discovers the smallest MTU along the path between sender and receiver. The sender then adjusts packet sizes accordingly.
• Application-Level Adjustments: Some applications (like video streaming) are designed to send smaller packets that fit into typical MTU sizes.
• Network Best Practices:
  • Avoid forcing fragmentation.
  • Monitor and configure MTU settings consistently across devices.

By proactively managing MTU, fragmentation-related performance and security issues can be reduced.

IPv4 vs IPv6 Fragmentation

IPv4 allows both routers and the source host to fragment packets. But in IPv6, things are different:

• Routers cannot fragment packets.
• Only the source host can perform fragmentation.
• IPv6 relies heavily on Path MTU Discovery to avoid fragmentation altogether.

This change makes IPv6 more efficient and reduces the complexity that IPv4 faces with fragmentation.

Conclusion

IPv4 fragmentation is a mechanism that ensures large packets can travel across networks with different MTU sizes. It works by splitting packets into fragments and reassembling them at the destination.

Key takeaways:

• Fragmentation occurs when packets are larger than the MTU.
• IPv4 uses Identification, Flags, and Fragment Offset to manage fragments.
• Reassembly happens only at the destination.
• Fragmentation can cause performance, reliability, and security challenges, which is why methods like Path MTU Discovery are preferred today.

For network engineers and IT professionals, mastering these details is key to troubleshooting performance problems, designing efficient networks, and improving security.

Sameer

Cybersecurity blogger with a focus on firewalls, network security, and tech trends making security simple for everyone, from IT pros to curious minds.