recovering mtu/PAT issues

Unanswered Question

Hello, after reading previous post about NAT, i don't have very clear how to resolve my problem.

I'm using a MPLS-VPN to connect different sites to a central site providing internet access with a PIX (old device, PIX 520 6.1), anf i've found those known problems when using PAT (users not nagating in and more)


i have configured every link in the MPLS path with MTU 1516 and tag-switching mtu 1512. And links over pure IP with MTU 1500

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
bjornarsb Wed, 05/02/2007 - 00:20
User Badges:
  • Bronze, 100 points or more


Another aproach is to enable the core routers to accommodate all packets.

The MTU should be greater than or equal to the total bytes of the items in the following equation:

Core MTU >= (Edge MTU + Transport header + AToM header + (MPLS label stack * MPLS label


Edge MTU + Transport header + AToM header + (MPLS label stack * MPLS Label) = Core MTU

1500 + 18 + 0 + (2 * 4 ) = 1526

You must configure the P and PE routers in the core to accept packets of 1526 bytes. See the following section for setting the MTU size on the P and PE routers.

As you have indicated some interfaces (such as FastEthernet interfaces) require the mpls mtu command to change the MTU size.

Hope this helps.

Regards Bjornarsb


This Discussion