I'm seeing a behavior where packets larger than the MTU of my network card are still being sent even when the "Don't Fragment" (DF) flag is set. Here are the details:
From my understanding, packets larger than the MTU should not be sent if the DF flag is set. However, I see these large packets in Wireshark. I know the network card hardware can also fragment packets, but I assume that respects the DF flag? I know Wireshark captures packets before they get to the hardware, and Wireshark is running on the machine that is sending the packets out.
The DF flag is used for routers in the path to the destination. A NIC can fragment packets before they are sent. So, the packets are already fragmented before they are sent.
If a router receives a packet with a DF and an MTU that is too large, it will return an ICMP error type 3: 'Destination Unreachable', code 4: 'Fragmentation required, and DF set'. But your own NIC won't send these ICMPs back to you.
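As an added illustration, not part of the answer above: a Python parser for the ICMP type 3, code 4 message a router returns, extracting the next-hop MTU (the RFC 1191 field) along with the DF bit and length of the quoted original datagram. The packet bytes, addresses and helper names (`ipv4_header`, `dotted`, `parse_frag_needed`) are constructed for this example.

```python
import struct

def ipv4_header(total_len, df, proto, src, dst):
    """Minimal 20-byte IPv4 header for the constructed sample (checksum left 0)."""
    flags_frag = 0x4000 if df else 0  # 0x4000 in the flags/offset word is DF
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0x1234,
                       flags_frag, 64, proto, 0, bytes(src), bytes(dst))

def dotted(addr):
    return ".".join(str(b) for b in addr)

def parse_frag_needed(packet):
    """Return details of an ICMP 'fragmentation required, and DF set' error,
    or None if the IPv4 packet is anything else. Checksums are not verified."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None
    ihl = (packet[0] & 0x0F) * 4
    if packet[9] != 1 or len(packet) < ihl + 8:  # protocol 1 = ICMP
        return None
    icmp = packet[ihl:]
    icmp_type, code, _cksum, _unused, mtu = struct.unpack("!BBHHH", icmp[:8])
    if (icmp_type, code) != (3, 4):
        return None
    inner = icmp[8:]  # quoted IP header of the datagram the router dropped
    if len(inner) < 20:
        return None
    total_len, _ident, flags_frag = struct.unpack("!HHH", inner[2:8])
    return {
        "reporter": dotted(packet[12:16]),   # router that sent the error
        "next_hop_mtu": mtu,                 # 0 on routers predating RFC 1191
        "orig_total_len": total_len,
        "orig_df": bool(flags_frag & 0x4000),
        "orig_dst": dotted(inner[16:20]),
    }

# Constructed sample: a router at 203.0.113.1 rejects a 1500-byte DF datagram
# from 192.0.2.10 to 198.51.100.20 because the next hop only carries 1400 bytes.
ORIGINAL = ipv4_header(1500, True, 6, [192, 0, 2, 10], [198, 51, 100, 20])
SAMPLE = (ipv4_header(56, False, 1, [203, 0, 113, 1], [192, 0, 2, 10])
          + struct.pack("!BBHHH", 3, 4, 0, 0, 1400)
          + ORIGINAL + bytes(8))  # quoted header + first 8 payload bytes

if __name__ == "__main__":
    print(parse_frag_needed(SAMPLE))
```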