CSM & don't fragment flag behaviour

Unanswered Question
Nov 21st, 2007
User Badges:


I have some problems with large packets send from CSM VIP towards clients over

a GRE Tunnel with MTU 1400.

Some packets are send out with don't fragment flag set and some with unset flag.

Question1: is it possible to influence CSM don't fragment flag behaviour via configuration ?

Question2: is CSM able to react on ICMP type 3 code 4, in other words is CSM able to perform MTU path discovery ?

Would be happy about any answer.

Best regards

Volker Kreisel

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Gilles Dufour Wed, 11/21/2007 - 01:29
User Badges:
  • Cisco Employee,


the CSM itself does not set this flag or do PMTUD. It's the server behind the CSM that sets the flag or does PMTUD.

The CSM just passes what it receives to server or the client.

I would recommend to sniff the csm portchannel and filter on a client ip. You will see what is going on.

Also, if the traffic goes through the MSFC, you can use a policy-map to overrid the DF bit if you want.


v.kreisel Wed, 11/21/2007 - 09:30
User Badges:


thanks for your hint with policy-map on MSFC.

I'll discuss with my server providers if

we turn off PMTUD and configure MTU with fix length 1400 or if we go for the MSFC solution.


v.kreisel Fri, 11/23/2007 - 08:34
User Badges:


I think because of performance issues it makes sense to avoid fragmentation.

PMTUD is not working because ICMP(code3, type4) makes it only from tunnel to the CSM VIP and doesn't reach the server.

Is it possible to configure the CSM VIP in a

way that she can forward the ICMP packet to the right server ? (who send out a packet > 1400)



This Discussion