[c-nsp] how "fast" is L2TP "fast switching" under 12.3T?
Robert E.Seastrom
rs at seastrom.com
Wed Oct 27 09:50:52 EDT 2004
Many thanks to Krzysztof and David for pointing out the fragmentation
problem. I might have stumbled on that myself (given sufficient time
and had I been minus the 15 hours worth of cutovers that I'd already
done yesterday) but really appreciate having a couple of extra set of
eyes connected to functioning brains looking over the config.
Additional comments inline:
Krzysztof Adamski <k at adamski.org> writes:
> Your problem is fragmentation, since the L2TP tunnel is delivered over
> Ethernet, the max MTU is 1500. Every customer frame that is over 1452
> causes fragmentation since 1452 + 8(PPPoE) + 12(L2TP) + 8(UDP) + 20(IP) = 1500.
> You can add "ip tcp adjust-mss 1412" to eliminate fragmentation of TCP
> packets, but you won't be able to do anything about UDP and IPSec packets.
Yup, the "ip tcp adjust-mss 1412" is already in place. Based on flow
stats collected upstream, UDP is the biggest contributor; IPSec plays
a bit role.
> You friend has ATM, he has a bigger MTU, so no fragmentation.
>
> I have an identical setup to you, I graph CPU usage and reassembly, the
> graphs match perfectly.
Thanks for that data point. I'm investigating other technologies
(jumbo frame gige, MPLS/frame on POS, even ATM). I like the idea of
engineering around the fragmentation issue, since it gives me the
uneasy feeling that we are just one windows-virus-that-sends-big-UDP-
datagrams away from taking it on the chin.
Cheers,
---Rob
More information about the cisco-nsp
mailing list