Fragmentation on UDP layer possible?

StarBrilliant coder at
Sun Aug 12 18:53:44 CEST 2018

Hello Wireguard developers and uesrs,

Thank you for having built up this software!

Recently I found some problems transmitting large UDP packets at
certain network environments.

My network architecture consists of 2 layers (Wireguard + VXLAN) to
enable mesh routing based on BGP and Babel routing protocols. To reach
a minimum MTU of 1280 bytes required by IPv6, the network must be able
to send and receive UDP datagrams of 1362 bytes. However some public
Wi-Fi does not allow me to send UDP packets of this big. No matter I
do fragmentation on my box with DF Flag on, or disable PMTUD with DF
flag off, the firewall simply rejects any fragmented IP packet.

I know Wireguard can already do IP layer fragmentation. (Just set
tunnel MTU >= 1441 then fragmentation will be turned on) But in this
network condition we might need to solve the problem on UDP layer.
OpenVPN supports UDP layer fragmentation through the "--fragment X"
option. By specifying this option, UDP packets will be no more than X
bytes. It adds an additional 4-byte overhead per fragment.

My question is, is UDP layer fragmentation technically possible for
Wireguard? If possible, will it introduce incompatibility to old
clients? How much overhead might it have?

And again, thank you!

More information about the WireGuard mailing list