
It should be noted that IP fragmentation is quite limited and often buggy. IPv6 only requires receivers to re-assemble an IP packet that is at most 1500 bytes, so sending a 65KB TCP segment is quite likely to just result in dropped packets.

Alternatively, the 1500 limit is not a hard limit, and depends entirely on your link. Jumbo frames (~9000 bytes) and even beyond are possible if all the devices are configured in the right way. Additionally, IPv6 actually supports packets up to ~4GiB in size (so-called "jumbograms", with an additional header), though I think it would be truly hard to find any network which uses this feature.




> Alternatively, the 1500 limit is not a hard limit, and depends entirely on your link.

The two concepts are completely independent and orthogonal. You can have a 1280 byte link MTU on a device which happily reassembles 9x fragments into a 9000 byte payload. You can also have another device with a 9000 byte link MTU which refuses to reassemble 2x 1280 byte fragments into a single 2000 byte packet simply because it doesn't have to. Both devices are IPv6 compliant.

Well, I suppose there is 1 causal relationship between link layer MTU and IPv6 fragmentation: "how much bigger than 1280 bytes can the individual fragments be".
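The independence of link MTU and reassembly limit described in the comment above, as an added example that is not part of the thread: a small model that builds IPv6 Fragment headers, recomputes the reassembled size, and applies a receiver's two separate limits. The function names, the zero-filled payloads and the simplification that the unfragmentable part is only the 40-byte IPv6 header are assumptions of this sketch.

```python
import struct

IPV6_HDR, FRAG_HDR = 40, 8
MIN_REASSEMBLY = 1500  # RFC 8200: smallest reassembly limit a receiver may have

def fragment(packet_len, link_mtu, ident=0x1234):
    """Split a packet of packet_len bytes (IPv6 header included) into
    Fragment-header + data blobs that each fit link_mtu. Data is zero filler."""
    per_frag = (link_mtu - IPV6_HDR - FRAG_HDR) // 8 * 8  # offsets count 8-byte units
    remaining, offset, out = packet_len - IPV6_HDR, 0, []
    while remaining > 0:
        n = min(per_frag, remaining)
        more = 1 if remaining > n else 0
        # Next Header 6 (TCP), reserved, 13-bit offset + 2 reserved bits + M flag, id
        hdr = struct.pack("!BBHI", 6, 0, (offset // 8) << 3 | more, ident)
        out.append(hdr + bytes(n))
        offset, remaining = offset + n, remaining - n
    return out

def parse(frag):
    """Return (offset_bytes, data_len, more_flag) for one fragment blob."""
    _nh, _rsv, off_m, _ident = struct.unpack("!BBHI", frag[:FRAG_HDR])
    return (off_m >> 3) * 8, len(frag) - FRAG_HDR, bool(off_m & 1)

def reassembled_size(frags):
    """Size of the original packet, or None if the train has a gap or no final fragment."""
    expected, parts = 0, sorted(parse(f) for f in frags)
    for offset, length, _more in parts:
        if offset != expected:
            return None
        expected += length
    if not parts or parts[-1][2]:
        return None
    return IPV6_HDR + expected

def receiver_accepts(frags, link_mtu, reassembly_limit):
    """Drop if any fragment exceeds the link MTU, or if the reassembled packet
    exceeds the receiver's own limit (which may not be below MIN_REASSEMBLY)."""
    assert reassembly_limit >= MIN_REASSEMBLY
    if any(IPV6_HDR + len(f) > link_mtu for f in frags):
        return False
    size = reassembled_size(frags)
    return size is not None and size <= reassembly_limit

if __name__ == "__main__":
    big = fragment(9040, 1280)  # constructed: 9000-byte payload sent over a 1280 link
    print(len(big), receiver_accepts(big, 1280, 65535))  # small MTU, generous reassembly
    two = fragment(2000, 1280)  # constructed: 2000-byte packet in two fragments
    print(len(two), receiver_accepts(two, 9000, 1500))   # jumbo MTU, minimum reassembly
```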


Oh, yes, what I meant to say is that you can send frames larger than 1500 bytes without resorting to IP fragmentation, in certain networks. I can see how it sounded like the "1500 limit" was the IPv6 reassembly limit, but I wanted to refer to the 1500 limit for a single frame.


Indeed. If the attack works by exploiting (reliable) TCP re-ordering algorithms in the server then why also bother with (unreliable) IP fragmentation? Just send a larger number of out-of-order TCP packets, surely?


The article says the attack was more successful when using IP fragmentation in conjunction with TCP reordering. Probably it is two separate memory areas that have independent limits allowing you to store more data in the stack.


Then the author needs to take a properly scientific approach and measure why that is, rather than waving their hands about.


Technically 65535 bytes is exactly 64 KiB minus one byte. Likely some uint16 variables must be overflowing somewhere.



