diff --git a/man/systemd.netdev.xml b/man/systemd.netdev.xml
index 416874fbaff..454878d680e 100644
--- a/man/systemd.netdev.xml
+++ b/man/systemd.netdev.xml
@@ -764,7 +764,13 @@
         <listitem>
           <para>Specifies the flow label to use in outgoing packets.</para>
         </listitem>
-      </varlistentry>
+    </varlistentry>
+    <varlistentry>
+      <term><varname>IPDoNotFragment=</varname></term>
+        <listitem>
+          <para>Accepts the same key in <literal>[VXLAN]</literal> section.</para>
+        </listitem>
+    </varlistentry>
     </variablelist>
   </refsect1>
   <refsect1>
diff --git a/src/network/netdev/geneve.c b/src/network/netdev/geneve.c
index 0fb09961d62..fee596e582c 100644
--- a/src/network/netdev/geneve.c
+++ b/src/network/netdev/geneve.c
@@ -10,6 +10,7 @@
 #include "geneve.h"
 #include "netlink-util.h"
 #include "parse-util.h"
+#include "string-table.h"
 #include "string-util.h"
 #include "strv.h"
 #include "missing.h"
@@ -18,6 +19,15 @@
 #define GENEVE_FLOW_LABEL_MAX_MASK 0xFFFFFU
 #define DEFAULT_GENEVE_DESTINATION_PORT 6081
 
+static const char* const geneve_df_table[_NETDEV_GENEVE_DF_MAX] = {
+        [NETDEV_GENEVE_DF_NO] = "no",
+        [NETDEV_GENEVE_DF_YES] = "yes",
+        [NETDEV_GENEVE_DF_INHERIT] = "inherit",
+};
+
+DEFINE_STRING_TABLE_LOOKUP_WITH_BOOLEAN(geneve_df, GeneveDF, NETDEV_GENEVE_DF_YES);
+DEFINE_CONFIG_PARSE_ENUM(config_parse_geneve_df, geneve_df, GeneveDF, "Failed to parse Geneve IPDoNotFragment= setting");
+
 /* callback for geneve netdev's created without a backing Link */
 static int geneve_netdev_create_handler(sd_netlink *rtnl, sd_netlink_message *m, NetDev *netdev) {
         int r;
@@ -126,6 +136,12 @@ static int netdev_geneve_create(NetDev *netdev) {
                         return log_netdev_error_errno(netdev, r, "Could not append IFLA_GENEVE_LABEL attribute: %m");
         }
 
+        if (v->geneve_df != _NETDEV_GENEVE_DF_INVALID) {
+                r = sd_netlink_message_append_u8(m, IFLA_GENEVE_DF, v->geneve_df);
+                if (r < 0)
+                        return log_netdev_error_errno(netdev, r, "Could not append IFLA_GENEVE_DF attribute: %m");
+        }
+
         r = sd_netlink_message_close_container(m);
         if (r < 0)
                 return log_netdev_error_errno(netdev, r, "Could not append IFLA_INFO_DATA attribute: %m");
@@ -280,6 +296,7 @@ static void geneve_init(NetDev *netdev) {
         assert(v);
 
         v->id = GENEVE_VID_MAX + 1;
+        v->geneve_df = _NETDEV_GENEVE_DF_INVALID;
         v->dest_port = DEFAULT_GENEVE_DESTINATION_PORT;
         v->udpcsum = false;
         v->udp6zerocsumtx = false;
diff --git a/src/network/netdev/geneve.h b/src/network/netdev/geneve.h
index c201981e021..5f2f27c9bb3 100644
--- a/src/network/netdev/geneve.h
+++ b/src/network/netdev/geneve.h
@@ -10,6 +10,14 @@ typedef struct Geneve Geneve;
 
 #define GENEVE_VID_MAX (1u << 24) - 1
 
+typedef enum GeneveDF {
+        NETDEV_GENEVE_DF_NO = GENEVE_DF_UNSET,
+        NETDEV_GENEVE_DF_YES = GENEVE_DF_SET,
+        NETDEV_GENEVE_DF_INHERIT = GENEVE_DF_INHERIT,
+        _NETDEV_GENEVE_DF_MAX,
+        _NETDEV_GENEVE_DF_INVALID = -1
+} GeneveDF;
+
 struct Geneve {
         NetDev meta;
 
@@ -27,12 +35,17 @@ struct Geneve {
         bool udp6zerocsumtx;
         bool udp6zerocsumrx;
 
+        GeneveDF geneve_df;
         union in_addr_union remote;
 };
 
 DEFINE_NETDEV_CAST(GENEVE, Geneve);
 extern const NetDevVTable geneve_vtable;
 
+const char *geneve_df_to_string(GeneveDF d) _const_;
+GeneveDF geneve_df_from_string(const char *d) _pure_;
+
 CONFIG_PARSER_PROTOTYPE(config_parse_geneve_vni);
 CONFIG_PARSER_PROTOTYPE(config_parse_geneve_address);
 CONFIG_PARSER_PROTOTYPE(config_parse_geneve_flow_label);
+CONFIG_PARSER_PROTOTYPE(config_parse_geneve_df);
diff --git a/src/network/netdev/netdev-gperf.gperf b/src/network/netdev/netdev-gperf.gperf
index e2c994e9717..2a7ea9692fd 100644
--- a/src/network/netdev/netdev-gperf.gperf
+++ b/src/network/netdev/netdev-gperf.gperf
@@ -135,6 +135,7 @@ GENEVE.UDP6ZeroChecksumRx,                config_parse_bool,
 GENEVE.UDP6ZeroCheckSumTx,                config_parse_bool,                         0,                             offsetof(Geneve, udp6zerocsumtx)
 GENEVE.UDP6ZeroChecksumTx,                config_parse_bool,                         0,                             offsetof(Geneve, udp6zerocsumtx)
 GENEVE.DestinationPort,                   config_parse_ip_port,                      0,                             offsetof(Geneve, dest_port)
+GENEVE.IPDoNotFragment,                   config_parse_geneve_df,                    0,                             offsetof(Geneve, geneve_df)
 GENEVE.FlowLabel,                         config_parse_geneve_flow_label,            0,                             0
 MACsec.Port,                              config_parse_macsec_port,                  0,                             0
 MACsec.Encrypt,                           config_parse_tristate,                     0,                             offsetof(MACsec, encrypt)
diff --git a/test/fuzz/fuzz-netdev-parser/directives.netdev b/test/fuzz/fuzz-netdev-parser/directives.netdev
index f2189e1ccf2..0b332a6e7a2 100644
--- a/test/fuzz/fuzz-netdev-parser/directives.netdev
+++ b/test/fuzz/fuzz-netdev-parser/directives.netdev
@@ -32,6 +32,7 @@ FlowLabel=
 UDP6ZeroChecksumRx=
 Remote=
 UDP6ZeroCheckSumRx=
+IPDoNotFragment=
 [Bridge]
 ForwardDelaySec=
 HelloTimeSec=