IP Fragmentation probelm

Unanswered Question
Apr 13th, 2008
User Badges:

hi all,

i wouldn't like to have fragmentation at destination end when i estabilsh a GRE Tunnel for my end.


i am estabilishing a GRE tunnel from Customized box to CISCO router ,is there a way to solve the MTU PROBELM (fragmentation issue)


An solution i heard from cisco is that

to use Path MTU discovery command but i am not sure whether it has to be applied on both sides.


any suggestions

rick, mohammed, and many experts in this forums request your support on this


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Shiva,


Generally the next hop device would send an ICMP framgentation needed back to the end that is sending to much data. This also happens when the DF (Do not fragment) bit is set by the host. Also when the connection is established between hosts - they should negotiate the MSS.


I have seen this issue solved in 2 ways


1) Set the MTU of the GRE interfaces to 1400

2) On the hosts themselves - set the MTU to 1300


I know that you can enable PMTUD in the windows registry - but have never tested this.


The easiest way to disvoer what the optimum MTU is - just ping a remote end device and set the DF bit, and drop the size of the ping until you get a response i.e-


c:\>ping x.x.x.x -f -l 1350

c:\>ping x.x.x.x -f -l 1300

c:\>ping x.x.x.x -f -l 1250


HTH


shiva_ial Mon, 04/14/2008 - 21:52
User Badges:


thanka for your reply


my question

one end of the GRE tunnel is from (ARBOR box)

linux customised box and tunnel lands in cisco router other side


i cant make changes of mtu in this arbor box is the probelm and i need a solution that can be done on tunneling end cisco router


or any solution that avoids fragmentation


rgds/shiva



shiva_ial Tue, 04/15/2008 - 03:54
User Badges:

thanks,

i already come across that pdf my probelm is both ends are not cisco routers.


one end is linux customized box where gre tunnel is created.other end is cisco router.


no way to put the commands or adjustments in that linux customized box ...





rgds/shiva




Shiva,


Then in my opinion you should either:-


1) Change the MTU of the NIC cards of the devices


2) Enabled PMTUD on the machines - assuming they are windows OS


But enabling the PMTUD is the same process of pinging the remote end with the DF bit set to find the MTU. So why is fragmentation not an option???


Actions

This Discussion