Gre tunnel issue w/ one application.

Unanswered Question

Have a network

{system}_______Cat 6509 ---GRE---- Cat 3550_____{system}

Of course the GRE tunnel chops down the mtu size, so the highest I can perform the ping command (ping ip -f -l 1448) which when you add your 28 it comes to 1476 total. I can ping ip -l 1500 and get a ping response, though this packet is fragmented. An application works fine when plugged locally into SW1, but the system has problems when traversing the GRE tunnel because the MTU is chopped down. I have been trying to tell the sys admin that this is because the GRE tunnel chops down the MTU size and it seems his system does not handle fragmented packets. The fix has been to lower the MTU in regedit within the Windows box and everything works fine. He is not happy with this fix. He states that the system worked 2 weeks ago and now it does not work. He has not used it since then. He states no changes were made on his system. THe system uses UDP. I have only updated my IOS version on the 6509 to 12.2 SXF8. Keep in mind everything else but this one system is having issues within the network. Any idea or experience with a similar problem? Any comments would be appreciated. P.S. In this network I must run GRE tunnels, so that is not an option.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
bjornarsb Fri, 05/04/2007 - 11:43


tcp adjust mss is for tcp traffic only,

not udp.



mohammedmahmoud Fri, 05/04/2007 - 12:01


Ok, as a last trial, a workaround for these problems is to configure the IP sender to disable PMTUD. This causes the IP sender to send their datagrams with the DF flag clear. When the large packets reach the small-MTU router, that router fragments the packets into multiple smaller ones. The smaller, fragmented data reaches the destination where it is reassembled into the original large packet.

This was the best way i've solved with it the problem many times, but you'll have to agree on it with your sys admin.

HTH, please rate if it does help,

Mohammed Mahmoud.

bjornarsb Sat, 05/05/2007 - 03:08


Your links are ok, but they only works for tcp. TCP and UDP operates quiet differently.

ip tcp adjust-mss max-segment-size


Router(config-if)# ip tcp adjust-mss 1452

Adjusts the MSS value of TCP SYN packets going through a router. The max-segment-size argument is the maximum segment size, in bytes. The range is from 500 to 1460.

TCP have flow control, UDP is just best effort!

ip mtu bytes


Router(config-if) ip mtu 1491

Sets the MTU size of IP packets, in bytes, sent on an interface

So from my point of view this system have a bad design since it is set up using so large udp datagrams. It not best practice.




This Discussion