[cisco-bba] LAC/LNS --> L2TP MTU issues

Rodrigo Curado rodas at rocketmail.com
Fri Jun 2 21:51:04 EDT 2006 

Hi Christian.

My first advice is try to enable a bigger (than 1500) MTU between the
LAC and the LNS. That way you can get a bigger payload per packet.

If you can't I recommend what I'm using, so far without any problems:

vpdn-group (no changes regarding mtu's)

virtual template
 mtu xxxx
 ip tcp adjust-mss zzzz

You can have issues with udp or icmp packets but in my scenario that's
an accepted limitation (usually you won't see "important" traffic with
~1500bytes on udp or icmp over a PPPoX connection, but it's up to you).

Clearing the DF bit works but can bring the 7200-G1 down sooner than you
expect.

When I was working on this mtu issues I've found a nice document that
could help you get the right values (you can always do some math :) and
compare the several options you mention:

http://info.connect.com.au/docs/permconnections/adsl-customer-info.pdf

BTW this is a fine example of Service Provider to Customer technical
support.

Best Regards,

On Mon, 15 May 2006 - 22:57 +0200, Christian Schmit wrote:
> Recently we encountered MTU issues on our
> DSL connections. We run a typical LAC-LNS 
> setup with the telco. LAC on the telcos 
> side are ERX boxes while the LNS used are
> Cisco7200 with G1.
> 
> Affected by the MTU problems were some IPSEC VPNs
> and radius connections.
> 
> While browsing through different sample configs
> on the Internet I found the following commands
> to be useful to address the mtu problem.
> 
> 
> virtual template commands:
> -------------------------- 
> 
> - ip tcp adjust-mss xxxx
> - ppp mtu adaptive
> - ip mtu xxxx
> - mtu xxxx
> - clearing the DF bit using a route-map
> 
> vpdn-group commands:
> --------------------
> 
> - ip mtu adjust
> - ip pmtu
> 
> 
> 
> My current LNS config regarding MTU is:
> ---------------------------------------
> 
> vpdn-group 1
>  accept-dialin
>   protocol l2tp
>   virtual-template 1
>  terminate-from hostname LAC
>  lcp renegotiation always
>  l2tp tunnel password 7 xxxxxxxxxxxxxxxxxxxxxxxx
>  ip mtu adjust
> .
> .
> .
> interface Virtual-Template1
>  ip unnumbered Loopback1
>  ip tcp adjust-mss 1420
>  ip mroute-cache
>  peer default ip address pool DSL_POOL1
>  ppp authentication pap chap
> !
> 
> 
> If anybody could comment on what combination of
> commands is best to be used to solve the mtu 
> problem would be great.
> 
> Christian
> 
> 
> 
> _______________________________________________
> cisco-bba mailing list
> cisco-bba at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-bba
> 
> 
--
Rodrigo Curado

More information about the cisco-bba mailing list