ETIMEDOUT networking network_error ai_generated partial

IP fragment reassembly timeout: packet dropped (fragmentation timeout exceeded)

ID: networking/ip-fragment-timeout-reassembly-failed

Also available as: JSON · Markdown · 中文
75%Fix Rate
85%Confidence
1Evidence
2024-03-15First Seen

Version Compatibility

VersionStatusIntroducedDeprecatedNotes
Linux kernel 5.15 active
Linux kernel 6.1 active
FreeBSD 13.2 active

Root Cause

A fragmented IP packet was not fully reassembled within the system's timeout (typically 30-60 seconds), causing all received fragments to be discarded, often due to high packet loss or mismatched PMTU.

generic

中文

一个IP分片数据包未能在系统超时时间(通常30-60秒)内完成重组,导致所有已接收的分片被丢弃,通常由高丢包率或PMTU不匹配引起。

Official Documentation

https://www.kernel.org/doc/Documentation/networking/ip-sysctl.txt

Workarounds

  1. 85% success Reduce the MTU on the interface to avoid fragmentation entirely: `ip link set dev eth0 mtu 1400` 
    Reduce the MTU on the interface to avoid fragmentation entirely: `ip link set dev eth0 mtu 1400`
  2. 80% success Enable PMTU discovery and set the DF (Don't Fragment) flag on UDP sockets: `sysctl -w net.ipv4.ip_no_pmtu_disc=0` and ensure firewalls do not block ICMP 'Fragmentation Needed' messages. 
    Enable PMTU discovery and set the DF (Don't Fragment) flag on UDP sockets: `sysctl -w net.ipv4.ip_no_pmtu_disc=0` and ensure firewalls do not block ICMP 'Fragmentation Needed' messages.
  3. 70% success Increase the reassembly queue size to handle bursts: `sysctl -w net.ipv4.ipfrag_max_dist=64` and `sysctl -w net.ipv4.ipfrag_high_thresh=8388608` 
    Increase the reassembly queue size to handle bursts: `sysctl -w net.ipv4.ipfrag_max_dist=64` and `sysctl -w net.ipv4.ipfrag_high_thresh=8388608`

中文步骤

  1. Reduce the MTU on the interface to avoid fragmentation entirely: `ip link set dev eth0 mtu 1400`
  2. Enable PMTU discovery and set the DF (Don't Fragment) flag on UDP sockets: `sysctl -w net.ipv4.ip_no_pmtu_disc=0` and ensure firewalls do not block ICMP 'Fragmentation Needed' messages.
  3. Increase the reassembly queue size to handle bursts: `sysctl -w net.ipv4.ipfrag_max_dist=64` and `sysctl -w net.ipv4.ipfrag_high_thresh=8388608`

Dead Ends

Common approaches that don't work:

  1. 60% fail

    This only delays the inevitable; if the underlying packet loss is not fixed, fragments will still be dropped after the longer timeout, and it may cause memory exhaustion from pending fragments.

  2. 80% fail

    This breaks legitimate fragmented traffic like large UDP datagrams or certain VPN protocols, leading to connectivity loss for those applications.

  3. 90% fail

    Rebooting resets state temporarily but does not address the root cause of packet loss (e.g., a faulty link or MTU mismatch), so the error returns quickly.