Subject: Re: kernel ip_randomid() and libc randomid(3) still "broken"
To: None <abuse@spamalicious.com>
From: Darren Reed <darrenr@netbsd.org>
List: tech-net
Date: 11/27/2003 09:41:27
From memory...

What you're trying to protect against, with IP ID randomisation is people
doing "stealthy" scanning of your network by noticing the change in IP ID
in sequential packets...the "original threat" has/had nothing to do with
fragmentation, corrupting them or otherwise.

If the IP_ID space is a linear congruence then you can observe a change
like this:

you ---ICMP ECHO---> server
you <--ICMP ECHO_REPLY (ID=n)--- server
fake ---TCP SYN---> server
fake <---TCP RST (ID=n+1)--- server
you ---ICMP ECHO---> server
you <--ICMP ECHO_REPLY (ID=n+2)--- server

i.e. you can detect that the server responded to the packet.

There are other variations on this where it is possible to better
conceal the identity of "you" but you get the idea.  You can also
make guesses about whether or not things are being filtered, based
on the return value seen in the IP ID field.

Against a NetBSD box using "ip->ip_id = ipid++", it's not going
to be very informative for a busy box, only those idle ones sitting
on your home network, unattended and exposed to the Internet.

Thinking about this and what Solaris does, Solaris may not provide
any real protection from this sort of information gathering but
then I doubt their implementation was done because someone was
afraid of shadows.

I can't believe we're back on this thread, it's been discussed before
and we worked out back then that this (random IP ID) has no real
value-add.  Maybe someone wasn't listening then (and seems like
they still aren't...maybe if they were open minded and listened,
they'd be less stressed.)

Darren
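As an added illustration, not part of Darren's message or of any NetBSD code, the following Python simulation models the exchange described above. `SequentialIpId` stands in for an "ip->ip_id = ipid++" counter, `RandomIpId` for a per-packet random generator, and `inference_accuracy` measures how often an observer comparing the IDs of two consecutive replies correctly decides whether the server sent a packet to someone else in between. The `background` parameter models unrelated traffic the server sends to other hosts, which is the "busy box" case from the message. All class and function names are constructed for this example.

```python
import random

# Constructed model of a server's IP ID generation, not an implementation of any OS.
class SequentialIpId:
    """Counter-style generator: every packet the host emits takes the next value."""

    def __init__(self, start: int = 0):
        self.next_id = start & 0xFFFF

    def emit(self) -> int:
        value = self.next_id
        self.next_id = (self.next_id + 1) & 0xFFFF
        return value


class RandomIpId:
    """Per-packet random generator.  A real kernel would draw from a CSPRNG;
    a seeded random.Random is used here only so the simulation is reproducible."""

    def __init__(self, rng: random.Random):
        self.rng = rng

    def emit(self) -> int:
        return self.rng.randrange(0x10000)


def trial(server, replied: bool, background: int, rng: random.Random) -> int:
    """One instance of the exchange from the message:
    observer probe -> reply (first ID), optional packets to other hosts,
    observer probe -> reply (second ID).  Returns the 16-bit ID delta the
    observer sees between its two replies."""
    first = server.emit()                      # reply to the observer's first probe
    for _ in range(rng.randint(0, background)):
        server.emit()                          # unrelated traffic to other hosts
    if replied:
        server.emit()                          # reply (e.g. a RST) to the third party's packet
    second = server.emit()                     # reply to the observer's second probe
    return (second - first) & 0xFFFF


def infer_replied(delta: int) -> bool:
    """The observer's rule under the counter assumption: a delta of 1 means the
    server emitted nothing in between; anything larger means it did."""
    return delta > 1


def inference_accuracy(make_server, background: int = 0,
                       trials: int = 2000, seed: int = 1) -> float:
    """Fraction of trials in which the observer's inference matches the truth.
    1.0 means the ID field leaks the answer perfectly; about 0.5 means the
    observer learns nothing beyond a coin flip."""
    rng = random.Random(seed)
    correct = 0
    for i in range(trials):
        replied = (i % 2 == 0)                 # balanced ground truth
        server = make_server(rng)
        if infer_replied(trial(server, replied, background, rng)) == replied:
            correct += 1
    return correct / trials


def sequential_server(rng: random.Random) -> SequentialIpId:
    return SequentialIpId(rng.randrange(0x10000))


def random_server(rng: random.Random) -> RandomIpId:
    return RandomIpId(rng)


if __name__ == "__main__":
    print("idle counter host :", inference_accuracy(sequential_server))
    print("busy counter host :", inference_accuracy(sequential_server, background=10))
    print("random-ID host    :", inference_accuracy(random_server))
```

The idle counter host leaks the answer on every trial, which is the case the message describes; once the host is busy enough that other packets routinely fall between the two probes, the same rule degrades toward a coin flip, and with random IDs the delta carries no signal at all. The only real mitigation this shows is the one under discussion: make the ID field independent of the host's other traffic, or keep idle, reachable hosts from existing in the first place.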