GRE Fragment and Reassembly Performance Tuning

The GRE Fragment and Reassembly Performance Tuning feature enables you to customize reassembly resources. Reassembly resources are equally allocated to each interface to prevent fragment-related attack. However, in some generic routing encapsulation (GRE) tunnel deployments, fragments are reassembled in specific interfaces. This feature also allows you to adjust the reassembly timer to free up incomplete fragment sessions quickly and reserve the reassembly resources for high priority packets.

Finding Feature Information

Your software release may not support all the features documented in this module. For the latest caveats and feature information, see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.

Restrictions for GRE Fragment and Reassembly

  • The IPv4 or IPv6 protocol must be enabled on an interface.

  • This feature supports manually created tunnel interfaces or physical interfaces (virtual template is not officially supported).

Information About GRE Fragment and Reassembly

Fragmentation and Reassembly

In Cisco software, packets may be dropped due to nonavailability of reassembly resources of an interface when fragments arrive concurrently on an interface, though, other interfaces have the resources to reassemble fragments. In some cases, some interfaces need additional resources, such as generic routing encapsulation (GRE) tunnel deployment, and resources are freed only when fragments are reassembled. Therefore, if all fragments are not received, the reassembly resources are not freed.

The GRE Fragment and Reassembly Performance Tuning feature improves reassembly performance by reassembling high priority fragments first so that these fragments are not dropped when low priority fragments occupy the reassembly resources.

Out of Order Packet Processing

Sometimes, a big packet may be received before a small packet, but forwarded after a small packet. Consider a scenario, in which a big packet followed by a small packet (packet size smaller than the egress interface MTU). The big packet may be fragmented and reassembled. Fragmentation and reassembly of the big packet requires an additional processor cycle. Devices that run on Cisco IOS XE software follow multithread processing. That is, small packet require shorter processing time and, hence, may be forwarded before the fragmented big packet. This process results in packet sequence changes on the receiver's end (big packets received before small packets, but may be forwarded out after small packets).

How to Use GRE Fragment and Reassembly

Configuring GRE Fragment and Reassembly (GFR)

Perform this task to do the following:

  • Enable generic routing encapsulation (GRE) Fragment and Reassembly (GFR) on an interface

  • Specify maximum threshold values to combat buffer overflow and control memory usage

  • Verify GFR configurations

SUMMARY STEPS

  1. enable
  2. configure terminal
  3. interface type number
  4. Enter one of the following:
    • ip reassembly [max-reassemblies number] [timeout milliseconds] [percentage percent {dscp dscp-value | precedence precedence-value}]
    • ipv6 reassembly [max-reassemblies number] [timeout milliseconds] [percentage percent {dscp dscp-value | precedence precedence-value}]
  5. end
  6. Enter one of the following:
    • show ip reassembly interface type number
    • show ipv6 reassembly interface type number

DETAILED STEPS

  Command or Action Purpose
Step 1

enable

Example:

Device> enable

Enables privileged EXEC mode.

  • Enter your password if prompted.

Step 2

configure terminal

Example:

Device# configure terminal

Enters global configuration mode.

Step 3

interface type number

Example:

Device(config)# interface GigabitEthernet 0/0/0

Configures an interface type and enters interface configuration mode.

Step 4

Enter one of the following:

  • ip reassembly [max-reassemblies number] [timeout milliseconds] [percentage percent {dscp dscp-value | precedence precedence-value}]
  • ipv6 reassembly [max-reassemblies number] [timeout milliseconds] [percentage percent {dscp dscp-value | precedence precedence-value}]

Example:

Device(config-if)# ip reassembly max-reassemblies 1024 timeout 1000 percentage 50 precedence critical routine

Example:

Device(config-if)# ipv6 reassembly max-reassemblies 1024 timeout 1000 percentage 50 precedence critical routine

Enables GFR on an IPv4 or IPv6 interface, as appropriate.

Step 5

end

Example:

Device(config-if)# end

Exits interface configuration mode and returns to privileged EXEC mode.

Step 6

Enter one of the following:

  • show ip reassembly interface type number
  • show ipv6 reassembly interface type number

Example:

Device# show ip reassembly GigabitEthernet 0/0/0

Example:

Device# show ipv6 reassembly GigabitEthernet 0/0/0

Displays statistical information of the GFR configured about the interface.

Configuration Examples for GRE Fragment and Reassembly

Example: Configuring GFR

The following example shows how to configure GFR on a Gigabit Ethernet interface and specify the maximum reassembly and timeout settings:

interface GigabitEthernet 0/0/0
 ip address 10.10.10.1 255.255.255.0
 ipv6 address 2001:DB8:1::1
 ip reassembly max-reassemblies 1024 timeout 1 percentage 50 dscp ef
 ipv6 reassembly max-reassemblies 1024 timeout 1 percentage 50 dscp ef 
 ip virtual-reassembly max-reassemblies 1024 timeout 1 percentage 10 dscp af41 
 ipv6 reassembly out max-reassemblies 1024 timeout 1 percentage 50 precedence cs1

Additional References for GRE Fragment and Reassembly

Related Documents

Related Topic

Document Title

Cisco IOS commands

Cisco IOS Master Command List, All Releases

Security commands

Virtual Fragmentation and Reassembly

Virtual Fragmentation and Reassembly

Technical Assistance

Description

Link

The Cisco Support and Documentation website provides online resources to download documentation, software, and tools. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password.

http://www.cisco.com/cisco/web/support/index.html

Feature Information for GRE Fragment and Reassembly

The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.
Table 1. Feature Information for GRE Fragment and Reassembly

Feature Name

Releases

Feature Information

GRE Fragment and Reassembly Performance Tuning

Cisco IOS XE Release 3.8S

The GRE Fragment and Reassembly Performance Tuning feature enables you to customize reassembly resources. Reassembly resources are equally allocated to each interface to prevent fragment-related attack. However, in some generic routing encapsulation (GRE) tunnel deployments, fragments are reassembled in specific interfaces. This feature also allows you to adjust the reassembly timer to free up incomplete fragment sessions quickly and reserve the reassembly resources for high priority packets.

The following commands were introduced or modified: ip reassembly , show ip reassembly .