[c-nsp] MTU settings/GRE tunnel
Nick Kraal
nick at arc.net.my
Tue Sep 25 02:30:10 EDT 2007
Dear Pavel,
Have you tried adjusting MSS on the tunnel interface:
e.g. ip tcp adjust-mss 1400
Also search [www.cisco.com] for PMTUD (watch the line wrap):
http://www.cisco.com/en/US/tech/tk827/tk369/technologies_white_paper09186a00800d6979.shtml
Best regards,
-nick/
Pavel Gulchouck wrote:
> Hi,
>
> On Thu, Sep 20, 2007 at 10:55:08AM +0100, Phil Mayers writes:
> [...]
> PM> So, ideally set your physical interface ip mtu to 1536, physical mtu to
> PM> whatever IP overhead you have (e.g. 14 bytes on ethernet - 1550).
>
> I set mtu on physical interface and on SVI to 4096, set
> "ip mtu 1500" on gre tunnel but with no luck: MTU on tunnel
> interface is 1514, and if I try to increase it router responses:
> "% Interface Tunnel2 does not support adjustable maximum datagram size".
> Ping between tunnel source and tunnel dest with size 4096 and df
> is ok, but all 1500-bytes packets are fragmented while encapsulating
> into the gre tunnel.
> 6500/sup720.
> In addition I use ipsec (with SPA-IPSEC-2G), but MTU is unchangable
> for unprotected gre tunnels too. MTU on virtual GE to ipsec module
> is 9216.
> Big unfragmented packets from remote router (7200) are successfully
> receiving and decrypting.
>
> Any suggestions?
>
More information about the cisco-nsp
mailing list