When a network device transmits a packet, if the Maximum Transfer Unit (MTU) configured on the device is shorter than the length of the packet, the packet is fragmented before transmission. In an ideal case, fragment packets are transmitted in a fixed order. During actual transmission, the initial fragment packet may not be the first to reach the FW.
To ensure session continuity, the FW supports caching fragments by default. Fragments arrive earlier than the first fragment are cached and then forwarded after the first fragment arrives. The number of fragments that can be cached is subject to the maximum number of cached fragments set in firewall ipv6 fragment-cache-maximum.
You can configure direct forwarding of fragment packets on the FW according to the actual network situations, instead of caching the fragment packets.
system-view
firewall ipv6 fragment-forward enable
After the direct forwarding of fragment packets is enabled, the FW directly forwards fragment packets rather than caches them.