[c-nsp] MTU / BGP

Gert Doering gert at greenie.muc.de
Tue Jul 21 03:16:45 EDT 2015


Hi,

On Tue, Jul 21, 2015 at 09:10:35AM +0200, Mark Tinka wrote:
> On 21/Jul/15 09:06, Gert Doering wrote:
> > If you have a link where the L3 MTU is set higher than the L2 technology
> > can handle, you're run into deep shit anyway - like, ISIS not coming up
> > (due to padding to full MTU size), L3 packets spontaneously disappearing
> > into a black hole (because your routers assume they can send them
> > unfragmented...), etc.
> 
> Agree.
> 
> The problem is when you lease a Layer 2 network, as you mention below,
> the MTU on your immediate connection to your provider may be different
> from the one across their backbone that gets to your B-end, especially
> if the provider does not have confidence that they have a consistent MTU
> in their backbone.

In that case, your L3 MTU on your routers needs to be set to something
lower or equal to the lowest L2 MTU that your packets might hit.

(We have a leased link "ethernet over packet" that loses 8 byte MTU when 
the primary link in their network goes down and switches to backup... bit
us mightily.  Reduced L3 MTU on our side to take that into account, no
problems anymore)

Best, get your provider to guarantee you a given value, and regularily
*verify* that.  What we do: ping all routers behind "dubious" links with
10k packets - on the way *to* the router, the packet is fragmented to
1500 bytes (because the management system doesn't have a bigger uplink),
so the ping packet will arrive always, no matter what the MTU.  Now the
return packet will sent fragmented to the L3 MTU of the router being
pinged - if that is too big for its L2 link, we'll notice and can adjust.

    mgmt -(1500)- R1 -(9000)- R2 -(dubious)- R3

(just to point out the obvious: when the "large fragments" arrive at R1,
they will be fragmented further, down to 1500.  This feels fairly cruel,
but it works out nicely)

gert
-- 
USENET is *not* the non-clickable part of WWW!
                                                           //www.muc.de/~gert/
Gert Doering - Munich, Germany                             gert at greenie.muc.de
fax: +49-89-35655025                        gert at net.informatik.tu-muenchen.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 291 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-nsp/attachments/20150721/03891069/attachment.sig>


More information about the cisco-nsp mailing list