[c-nsp] how "fast" is L2TP "fast switching" under 12.3T?
Krzysztof Adamski
k at adamski.org
Wed Oct 27 12:27:24 EDT 2004
On Wed, 27 Oct 2004, Robert E.Seastrom wrote:
> > Your problem is fragmentation, since the L2TP tunnel is delivered over
> > Ethernet, the max MTU is 1500. Every customer frame that is over 1452
> > causes fragmentation since 1452 + 8(PPPoE) + 12(L2TP) + 8(UDP) + 20(IP) = 1500.
> > You can add "ip tcp adjust-mss 1412" to eliminate fragmentation of TCP
> > packets, but you won't be able to do anything about UDP and IPSec packets.
>
> Yup, the "ip tcp adjust-mss 1412" is already in place. Based on flow
> stats collected upstream, UDP is the biggest contributor; IPSec plays
> a bit role.
If you look inside the UDP packets you will probably discover that they
contain IPSec packets, that seems to be the preferred way of passing IPSec
through NAT boxes.
Here is something you can do to eliminate the UDP problem, set the MTU on
the PPPoE link to 1452, now you are going to guaranty that no fragmentation
is not happening. I have not been brave enough to try this, since I don't
know what will stop working :-) If you try this, let me know how it works.
K
More information about the cisco-nsp
mailing list