06-25-2008 01:03 AM - edited 07-03-2021 04:04 PM
Hello there,
I have the following situation.
network---wlan controller4402----FW1---MPLS---FW2---Access points----networks
I can see a very big amount of fragmented packets coming to FW2 and getting dropped at one moment. After those packets get dropped, the access points get disconnected.
I wonder, is there any documentation, or maybe some of you guys can give me some tip/trick on how to set up the WLC4402 to use TCP MSS, PMTU or any other settings that can help ensure that IP datagrams between the 4402 and the access points don't go over 1300B?
Thanks a lot for any help
Regards
Milos
06-25-2008 01:34 PM
Don't know if the FW will let you do that, but maybe take a look at this link:
http://www.cisco.com/en/US/tech/tk722/tk809/technologies_white_paper09186a0080901caa.shtml#frag
06-25-2008 01:59 PM
Hello,
Thanks for your response.
I'm a bit confused looking at the document you gave me. I don't know which part of it can be related to prevention of IP fragments between the controller and the APs.
The problem is that the controller is located on one side of the network, and we have a FW (non-Cisco), an MPLS network, another FW and then the APs.
The other FW across the MPLS receives a lot of fragments, which of course should be defragmented for session inspection, so this leads to large CPU utilization and fragment drops.
If we can instruct the controller to set MSS bits or to be involved in PMTU, then we could try to prevent end hosts from ever creating large TCP/UDP segments/datagrams to be sent via the LWAPP tunnel.
Thanks for any advice
Cheers
Milos
06-25-2008 02:08 PM
Well, the problem is that it was designed for AP to WLC locally and not really across a WAN, unless you implement H-REAP. There is no configuration to set on the WLC nor the AP to change this at all, since the WLC knows how to put the fragmented packet back together.