[c-nsp] GRE or L2TP tunnels and MTU woes
Justin Shore
justin at justinshore.com
Tue Apr 24 09:52:40 EDT 2007

We ran into a problem this morning that I'm struggling with. We have 2
POPs connected together via fiber (75 miles or so). Along the way is a
series of non-Cisco broadband aggregation routers. We do not want to
interface with the agg routers via OSPF. They are outside of our
administrative control and would be more trouble than it would be worth
to try and make it happen. We had these agg routers set up to carry a
number of VLANs across the ring of agg routers to the other POP and a
few ancillary sites in the middle. We met them with a trunk on each
end, allowed VLANs, native for the local broadband traffic, etc. This
part works alright.

The problem we discovered yesterday is that the agg routers are
stripping out IS-IS packets. I could ping across the interface IPs
(connected route) but I could not see any IS-IS packets. The only
solution we had to work around that problem was a GRE tunnel. This
worked and IS-IS worked right away. However this introduced an MTU
problem in the backbone of the ISP. Web surfing worked but not that
well. Larger downloads failed miserably. Etc. I cannot find a way to
raise the MTU on the tunnel. We requested that the MTU on all GigE
interfaces on the agg routers be maxed out at 9216. I've already
changed the MTU on our physical interfaces and associated SVIs.

POP1 has a pair of 7600s running SRB. POP2 has a pair of ME6524s. The
first router in each pair is supposed to connect via a VLAN to the first
in the other pair and the same for the other pair of routers on another
VLAN. By all accounts it should look like 2 separate paths between POPs.
I'm trying to find another option for either raising the MTU on the
GRE tunnel or perhaps switching to another tunnel type such as L2TPv3
and carrying the VLANs across myself. I am short on L2TP knowledge
though. Any other ideas would be welcomed as well. Before it's
suggested, no, I cannot eliminate the agg routers in the middle. We
have to get through them somehow.

I already rolled back the changes but I do have a link up to test with.

Thanks
Justin