[c-nsp] l2tp xconnect problem with packets > 1430

Peter Rathlev peter at rathlev.dk
Wed Dec 7 15:43:10 EST 2011

On Wed, 2011-12-07 at 09:49 -1000, Antonio Querubin wrote:
> I have two cisco 2821 routers running IOS 12.4(25e) configured with a l2tp 
> xconnect.  The relevant portion of the configs are below.  Both routers 
> can ping each other's loopback interface with large packets (> 1500).  But 
> hosts off opposite ends of the xconnect cannot consistently ping each 
> other with anything larger than 1430 bytes.  However, throughput between 
> hosts across the tunnel running iperf is good (> 400 Mbps).
> However, if I remove 'ip pmtu' and 'ip dfbit set' from the 
> pseudowire-class, large pings (9000 byte packets) start to work but 
> the throughput across the tunnel drops to less than 50 Mbps.


If the L2TPv2 packets cannot exceed 1500 bytes then the ICMP payload
size of an encapsulated packet cannot exceed 1430 bytes, assuming you're
not transporting an 802.1Q frame.

An ICMP packet with 1430 bytes payload, 8 bytes ICMP header and 20 bytes
IP header is 1458 bytes. Next comes the Ethernet frame header of 14
bytes. Add to this the 8 bytes L2TPv3 header and 20 bytes outer IP
header and you're at the 1500 bytes.

Removing PMTUD and via DF-bit allowing fragmentation greatly increases
the CPU load on the devices terminating the tunnels.

