IP checksums and IP fragments

Discussion in 'other firewalls' started by lunarlander, Dec 24, 2016.

  1. lunarlander (Registered Member, joined Apr 30, 2011, 326 posts)

    First question: are some platforms known to send out packets with wrong checksums? My Checkpoint firewall has this option for verifying and blocking packets with wrong checksums. I enabled this option for a week or so and found one instance of it dropping a Windows Update packet (which wasn't re-sent, so I had to re-initialize Windows Update and redo the whole operation with that option turned off).

    Second question: are IP fragments a thing from long ago, when we had different brands of mainframes with different-sized packets? Has the industry standardized on a de facto standard? The firewall has an option of dropping packets if the fragments add up to more than a user-configurable fragment count. I haven't encountered a problem by setting the count to 1. Fragmented packets are often targeted at sites to bypass firewall rules. The default setting has the count set to 300, which I thought was unreasonable. What platform would send out a packet so big that subsequent bridges/routers have to separate it into 300 fragments?
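The first question is about what a firewall's "verify checksums" option actually does. The following Python is an added example, not code from this thread or from Checkpoint: it implements the RFC 1071 one's-complement checksum that IPv4 headers carry, builds a constructed sample header (addresses from the documentation ranges 192.0.2.0/24 and 198.51.100.0/24), and shows how a receiver or firewall verifies it by summing the whole header and expecting 0xFFFF. It assumes a minimal 20-byte header with no options.

```python
import ipaddress
import struct

IHL_BYTES = 20  # minimal IPv4 header, no options (assumption for this example)


def ones_complement_sum(data: bytes) -> int:
    """RFC 1071 one's-complement sum of 16-bit big-endian words with end-around carry."""
    if len(data) % 2:
        data += b"\x00"  # an odd trailing byte is padded on the right
    total = 0
    for i in range(0, len(data), 2):
        total += (data[i] << 8) | data[i + 1]
    while total >> 16:  # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return total


def ipv4_header_checksum(header: bytes) -> int:
    """Value the sender writes into header bytes 10-11; the field must be zero on input."""
    return (~ones_complement_sum(header)) & 0xFFFF


def verify_ipv4_header(header: bytes) -> bool:
    """Receiver-side check: summing the header including its checksum field yields 0xFFFF
    when the header is intact. This is the test a 'drop bad checksums' option performs."""
    return ones_complement_sum(header) == 0xFFFF


def build_ipv4_header(src: str, dst: str, total_length: int, proto: int = 6,
                      ttl: int = 64, ident: int = 0x1234, flags_frag: int = 0) -> bytes:
    """Build a 20-byte IPv4 header with a correct checksum (constructed sample values)."""
    hdr = struct.pack("!BBHHHBBH4s4s",
                      0x45, 0, total_length, ident, flags_frag, ttl, proto, 0,
                      ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed)
    csum = ipv4_header_checksum(hdr)
    return hdr[:10] + struct.pack("!H", csum) + hdr[12:]


def corrupt_byte(header: bytes, index: int) -> bytes:
    """Flip one bit of the header: models the in-flight damage the checksum is meant to catch."""
    b = bytearray(header)
    b[index] ^= 0x01
    return bytes(b)


if __name__ == "__main__":
    good = build_ipv4_header("192.0.2.1", "198.51.100.2", 1500)
    print("intact header verifies:", verify_ipv4_header(good))
    damaged = corrupt_byte(good, 8)  # damage the TTL byte
    print("damaged header verifies:", verify_ipv4_header(damaged))
```

A single flipped bit always changes the one's-complement sum, so a header damaged on the wire fails the check; the same check does not cover the payload, which is why TCP and UDP carry their own checksums. Note that a host whose NIC performs checksum offload hands the kernel a header with the field still zero, which is the usual reason packet captures taken on the sending machine show "wrong" checksums that are correct once the frame leaves the card.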
     
  2. Brummelchen (Registered Member, joined Jan 3, 2009, 5,920 posts)

    Fragmentation over the line is also caused by wrong MTU values. Windows has a default of 1500 (LAN); the line should be synced between provider and router, and the MTU is normally lower (here: 1492).
    Jumbo frames (9000) cannot be used for the web, only for internal usage (LAN) to reduce overhead. Jumbo frames to the web mean fragmentation, more work for the router to cut packages = less performance and less speed.

    If some software drops fragmented packages, its action is very low in the ISO-OSI model. Normally packages contain a checksum, and if it is wrong, Windows requests it again, if permanent data has failed. Fragmentation does not mean that data is corrupted; it is sent in more than one package.

    Normally all is fine, except a stupid firewall needs to check all and anything for nuts. And you have gained experience now as well.
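Both posts turn on how many fragments a datagram produces once it hits a link with a smaller MTU. The Python below is an added example (not code from this thread) that plans the fragments a router would emit for a datagram of a given total length on a given MTU, following RFC 791's rule that every fragment but the last carries a payload that is a multiple of 8 bytes. It assumes a 20-byte header with no options. It reproduces the 1500-over-1492 case from the second post and also shows that on a 1500-byte MTU path even the largest possible IPv4 datagram yields 45 fragments, so a threshold of 300 is only reachable on links with a very small MTU.

```python
IPV4_HEADER_LEN = 20       # no options (assumption for this example)
IPV4_MIN_MTU = 68          # RFC 791: every link must carry at least this
IPV4_MAX_DATAGRAM = 65535  # 16-bit total length field


def fragment_plan(datagram_total_length: int, mtu: int,
                  header_len: int = IPV4_HEADER_LEN) -> list:
    """Fragments a router would emit for one IPv4 datagram on a link with this MTU.
    Each entry is (fragment_offset_in_8_byte_units, payload_bytes, more_fragments)."""
    if mtu < IPV4_MIN_MTU:
        raise ValueError("MTU below the IPv4 minimum of 68 bytes")
    if datagram_total_length <= mtu:
        return [(0, datagram_total_length - header_len, False)]  # fits, no fragmentation
    # all fragments except the last carry a payload that is a multiple of 8 bytes
    per_frag = ((mtu - header_len) // 8) * 8
    payload_len = datagram_total_length - header_len
    frags = []
    offset = 0
    while offset < payload_len:
        n = min(per_frag, payload_len - offset)
        more = offset + n < payload_len
        frags.append((offset // 8, n, more))
        offset += n
    return frags


def fragment_count(datagram_total_length: int, mtu: int) -> int:
    return len(fragment_plan(datagram_total_length, mtu))


def max_fragments_for_mtu(mtu: int) -> int:
    """Upper bound on fragments any single IPv4 datagram can produce on this link."""
    return fragment_count(IPV4_MAX_DATAGRAM, mtu)


def reassembly_is_complete(frags: list) -> bool:
    """What a receiver checks before delivering: offsets are contiguous and the last
    fragment has the More Fragments flag clear. A firewall's fragment-count limit is
    applied to this set before reassembly."""
    expected = 0
    for offset_units, n, more in frags:
        if offset_units * 8 != expected:
            return False
        expected += n
    return bool(frags) and not frags[-1][2]


if __name__ == "__main__":
    # the 1500-byte Windows default sent over a 1492-byte PPPoE line from the second post
    plan = fragment_plan(1500, 1492)
    print("1500 over 1492:", plan, "complete:", reassembly_is_complete(plan))
    print("9000-byte jumbo frame over 1500:", fragment_count(9000, 1500), "fragments")
    print("largest datagram over 1500:", max_fragments_for_mtu(1500), "fragments")
    print("largest datagram over the 68-byte minimum:", max_fragments_for_mtu(68), "fragments")
```

The 1500-over-1492 case produces a 1472-byte first fragment and an 8-byte tail, which is the pattern to look for in a capture when a link MTU is misconfigured. Path MTU discovery (the Don't Fragment bit plus ICMP "fragmentation needed") is what keeps modern hosts from fragmenting at all, which is why a firewall that drops every fragment rarely breaks anything until an ICMP filter somewhere black-holes those messages.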
     