[c-nsp] MTU over L2TPv3 tunnel

alex at alsn.be alex at alsn.be
Thu Feb 28 04:44:01 EST 2008 

Hey,

I have a problem that i just can't resolve. I hope someone will be able to
help.

Here's the situation. I have 2 client switches (Catalyst 2400) each
connected on a separate border router (7200). Between the router is a
L2TPv3 tunnel.

When i test the connection (RFC 2544) i get the result i expect +/-90Mb/s
as long as the packet size is smaller then 1518. Once the packet size is
1518 the cpu of one of the two routers gets to 100% and the throughput
lowers to +/-30Mb/s after about 30 seconds.

I tested the maximum MTU with a ping and found out it's at 1472.

I tried to change the ip mtu and mss to correct values (even tried lower
values) but it didn't help. When i sniff the connection i noticed the mss
value isn't the value i put one the interface. The lowest value i have
seen is 1460 (wich should be allright).

When i enable ip pmtu, i get with wireshark and on the routers the ICMP
messages.

Here's the intresting part of the config without changes of the mtu and
mss( i basicly tried every possible mtu and mss config):

Router 1:
---------

c7200-adventerprisek9-mz.124-4.T1.bin
Cisco 7206VXR (NPE-G1) processor (revision B) with 229376K/32768K bytes of
memory.

l2tp-class L2L-L2TP
 authentication
 password XXX
!
pseudowire-class L2L-PW
 encapsulation l2tpv3
 protocol l2tpv3 L2L-L2TP
 ip local interface Loopback100
!
interface Loopback100
 ip address 172.16.0.1 255.255.255.224
!
interface GigabitEthernet0/1.200
 encapsulation dot1Q 200
 ip address 192.168.1.1 255.255.255.0
 ip ospf cost 1
!
interface GigabitEthernet0/1.300
 encapsulation dot1Q 300
 ip address 192.168.2.1 255.255.255.0
 ip ospf cost 10
!
interface GigabitEthernet0/2.100
 encapsulation dot1Q 100
 no cdp enable
 xconnect 172.16.0.2 100 pw-class L2L-PW


Router 2:
---------

c7200-adventerprisek9-mz.124-4.T1.bin
Cisco 7206VXR (NPE400) processor (revision A) with 491520K/32768K bytes of
memory.

l2tp-class L2L-L2TP
 authentication
 password XXX
!
pseudowire-class L2L-PW
 encapsulation l2tpv3
 protocol l2tpv3 L2L-L2TP
 ip local interface Loopback100
!
interface Loopback100
 ip address 172.16.0.2 255.255.255.224
!
interface FastEthernet0/0.200
 encapsulation dot1Q 200
 ip address 192.168.1.2 255.255.255.0
 ip ospf cost 1
!
interface FastEthernet0/0.300
 encapsulation dot1Q 300
 ip address 192.168.2.2 255.255.255.0
 ip ospf cost 10
!
interface FastEthernet0/1.100
 encapsulation dot1Q 100
 no cdp enable
 xconnect 172.16.0.1 100 pw-class L2L-PW

Is there a way too change the value of the mtu so that packets don't get
fragmented (i assume fragmentation makes the cpu go to 100%) or make the
tunnel larger (again so that packets don't get fragmented)?

I still think its weird default packets don't get through the tunnel.

I tested the same L2TPv3 on a POS connection and get perfect results.

More information about the cisco-nsp mailing list