MTU & tcp adjust-mss configration in GRE tunnel

Answered Question
Jan 7th, 2008
User Badges:

we have GRE tunnel between data center and remote site on AT & T link in which IP MTU 1476 is configured in tunnel interface at remote site while and no Ip tcp adjust-mss command. And on data center end tunnel is configured with Ip tcp adjust-mss 1436.

so two question here.

1. does mtu and tcp adjust command required at both side of tunnel ?

2. what is difference between both command ?

thanks for help in advance.

Correct Answer by Richard Burts about 9 years 5 months ago

Amit


As I said I believe that it is best to have both commands together. But I do not believe that it creates problems to have only one at each end. I view these commands as complementary - they both work to address the same problem in different ways. One at each end is ok. I view both together as even better.


HTH


Rick

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Richard Burts Mon, 01/07/2008 - 04:37
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Amit


Lets start by identifying the issue that both commands are used to address. When traffic passes through a GRE tunnel the tunneling process adds an additional header to the packet (of 24 bytes length). This can cause fragmentation issues. Both of the commands are used to help with the fragmentation issue.


The ip mtu command changes the effective point at which IOS will recognize the need to do fragmentation and affects all kinds of traffic. The tcp adjust-mss affects TCP traffic but not other kinds of IP traffic. The adjust-mss command will cause the router to examine TCP traffic passing through the router looking for the SYN and SYN/ACK packets which initiate TCP sessions. The end stations use these packets to negotiate the Maximum Segment Size (which will control the size of packets that they send). Using adjust-mss the router will re-write the MSS in the negotiation so that the end stations will use smaller packets and will avoid the need for fragmentation.


It is not required to have both command on each side. But I believe that it is good practice to have both commands on each side.


HTH


Rick

amit.kango Mon, 01/07/2008 - 04:51
User Badges:

Hi Rick,


thanks for the excellent expalanation and i understand the difference between the both.

In our internal network only TCP traffic is allowed while UDP traffic i blocked.

to clear out all doubt my final query is will such configuration is acceptable ( to have ip mtu at one end and ip tcp adjust mss at other end) and does not create any errors(fragementation issue) due to this ?


Correct Answer
Richard Burts Mon, 01/07/2008 - 05:01
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Amit


As I said I believe that it is best to have both commands together. But I do not believe that it creates problems to have only one at each end. I view these commands as complementary - they both work to address the same problem in different ways. One at each end is ok. I view both together as even better.


HTH


Rick

Richard Burts Mon, 01/07/2008 - 05:07
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Amit


I am glad that my discussion of this was helpful. Thank you for using the rating system to indicate that your question was resolved (and thanks for the rating). It makes the forum more useful when people can read a question and can know that they will read responses which resolved the question.


I encourage you to continue your participation in the forum.


HTH


Rick

Actions

This Discussion