[nsp] OSPF & Encryption

Gert Doering gert at greenie.muc.de
Tue Nov 18 16:41:00 EST 2003


On Tue, Nov 18, 2003 at 12:25:21PM -0800, David Sinn wrote:
> One problem with using a IP MTU of 1500 on the tunnel interfaces is that the
> receiving end will process switch any packets that need to be reassembled.
> This can seriously impact your performance, so take care in doing this.
> It does fix the broken PMTU problems that can result when you have to be on
> links smaller then 1500, so some times it is the only option.

In this specific setup, there are serial T1 lines between the routers, so
you could crank up the physical MTU on the T1 line to "2000" (or whatever).

That way, a full-sized IP packet can easily fit into the tunnel packet,
without router fragmentation.

USENET is *not* the non-clickable part of WWW!
Gert Doering - Munich, Germany                             gert at greenie.muc.de
fax: +49-89-35655025                        gert at net.informatik.tu-muenchen.de

More information about the cisco-nsp mailing list