Vyatta NOS documentation

Learn how to install, configure, and operate Vyatta Network Operating System (Vyatta NOS), which helps to drive our virtual networking and physical platforms portfolio.

Packet fragments

As per RFC 6192, all packets fragments are dropped unless a stateful firewall has been configured to permit the packets. This is to avoid a possible denial of service attack.

For one example of filtering traffic of fragmented packets, see "Filtering on Source IP Address”.

Figure 1. Traffic flows originating from the router system