[c-nsp] What MTU for Bellsouth BBG / BRAS <-> LNS l2TP tunnel?

Gert Doering gert at greenie.muc.de
Fri Oct 29 08:51:21 EDT 2004


Hi,

On Fri, Oct 29, 2004 at 07:28:03AM -0500, Brian Feeny wrote:
> But still, the Link between myself and Bellsouth is only 1500, and since
> this is the link on which l2tp tunneling is being done, that's going to
> create a problem with it being so low.  I did a test, and my LNS reports
> back to remote sites MTU of 1492, which sounds correct for PMTU Discovery
> since that's the PPPoE layer responding back its limit.

That's the PPPoE limit, yes.  Unfortunately, if you send 1492-byte 
packets, the L2TP packet will be too large, and the routers will need
to fragment/defragment the "outer" packet, which costs lots of CPU.

One approach is to set the virtual-template MTU to 1454, to make sure
that L2TP packets never need fragmentation.  In this case, 1454 is also
the MTU that will be discovered by PMTUd.

The best approach is to use PPPoA (no MTU issues) and carry L2TP over
something that has a larger MTU - either Ethernet with switches and
routers that can do that, or ATM / serial lines / ...

[..]
> Another "fix" that works, is to set "ip ignore-df bit" on the Interface
> on my LNS that terminates customers

This is mostly a workaround for the problems with PMTUd and stupid
firewall administrators.  It won't help the L2TP fragmentation issue.

Actually, it's a real mess in that case.  A 1500 byte packet is fragmented
into 1492+8 byte, and then the 1492+L2TP packet is fragmented *again*...

gert
-- 
USENET is *not* the non-clickable part of WWW!
                                                           //www.muc.de/~gert/
Gert Doering - Munich, Germany                             gert at greenie.muc.de
fax: +49-89-35655025                        gert at net.informatik.tu-muenchen.de