Cisco Cisco Packet Data Gateway (PDG) Guia De Resolução De Problemas
Crypto Template Configuration Mode Commands
control-dont-fragment ▀
Cisco ASR 5000 Series Command Line Interface Reference ▄
OL-22947-02
control-dont-fragment
Controls the don‘t fragment (DF) bit in the outer IP header of the IPsec tunnel data packet.
Product
PDIF
Privilege
Security Administrator, Administrator
Syntax
Usage
Options are:
: Clears the DF bit from the outer IP header (sets it to 0).
: Copies the DF bit from the inner IP header to the outer IP header. This is the default
action.
: Sets the DF bit in the outer IP header (sets it to 1).
Usage
A packet is encapsulated in IPsec headers at both ends. The new packet can copy the DF bit from the original
unencapsulated packet into the outer IP header, or it can set the DF bit if there is not one in the original
packet. It can also clear a DF bit that it does not need.
unencapsulated packet into the outer IP header, or it can set the DF bit if there is not one in the original
packet. It can also clear a DF bit that it does not need.
Example
The following command sets the DF bit in the outer IP header:
The following command sets the DF bit in the outer IP header: