segmentation vs fragmentation

I'm having a hard time understanding the difference between segmentation of data at the Transport layer and the possible fragmentation of data by IP at the data link layer. The study guides describe each, but I'm not sure what each uses to determine how and when to break up the data and why that is done in two different places.

Does anyone have either a reference that compares these two or care to offer a brief comparison?

Thanks in advance

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

KPWright

Not sure about etiquette in replying to your own post, but just in case anyone else is wondering, here's what I've managed to find out.

IP fragmentation is most likely to occur, not due to considerations within a local network, but rather due to routing between or across internetworks. The transport layer really just concerns itself with how large of a segment the receiving host and application is prepared to digest. While applications can make an attempt at determining the maximum segment size that can be successfully transmitted to the receiving host, this takes time and effort.

If the receiving host is within the same network, all should be well as the understanding is that the maximum segment size should be kept small enough to allow for the addition of both the TCP and IP headers. If the resulting packet must be transmitted inter-network however and the next hop router indicates it exceeds the MTU of one or more networks in between, IP then fragments the frame and the next hop router is then expected to re-assemble it before handing back to the transport layers.

I came to this understanding by finding a few references from google and a quick read of RFC 879. Please correct or add at will if you think this is off base.

Thanks,

Kevin