cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
410
Views
8
Helpful
3
Replies

Fragmentation questions.

SludnevTN_2
Level 1
Level 1

I am searching for step by step guide to troubleshot fragmentation issues.

I have read some documents about fragmentation at cisco.com. But I do not see clear solution.

1. How can I use show ip traffic to understand do I have to do something or not?

2. Do I have to use path-mtu-discovery on GRE tunnel interfaces?

3. Where is the best place for ip tcp adjust-mss - inside or outside interfaces?

4. In what circumstances I need to use route-map with clear df bit?

5. Why and when do I need to adjust gre tunnel IP MTU?

6. I have UDP (RTP - IP Cameras) traffic passing through GRE tunnels - the picture is broken, a lot of artifacts. Can I do something with fragmented udp?

7. In what circumstances I need to use ipsec df-bit?

Thank you.

3 Replies 3

auraza
Cisco Employee
Cisco Employee

I'll try to answer your questions as best as possible:

1) This should show you if there were any fragmented packets. show ip traf | i Frag

2) No, you don't need to, as it is not reliable all the time unless you're allowing ICMP packet-too-big all through. DF-bit will need to be set to 1 as well for PMTUD to work.

3) ip tcp adjust-mss should be used on the inside interface

4) You shouldn't use this - this was done when the crypto ipsec df-bit clear command was not available

5) When path-mtu-discovery is not possible, but its always best to set this and not to pmtud. Value may vary, but 1400-1420 works best. It depends on the the type of encryption etc.

6)How do you know its getting fragmented? You can run "debug ip packet detail" with an access-list for the src/dst traffic and see if there are any fragments.

7) If you want to clear the df-bit, if you see packets getting dropped due to them being too big, and not being allowed to fragment. Ideally, with TCP traffic you want to use tcp adjust-mss so you don't have to clear the df-bit and the MSS is negotiated during the 3-way handshake.

Thank you.

Can I ask you some other questions regarding fragmentation a bit later?

Sure.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: