Giuseppe Larosa Tue, 09/01/2009 - 09:24

Hello Meenakshi,

this is a sign of MTU problems you may need to reduce the mtu on client lan side for example:

int vlan 100

ip mtu 1480

Is this an MPLS scenario, are you using PPPoE, ipsec?

how much to decrease the mtu depends on your network scenario

Hope to help


tmsundar81 Tue, 09/01/2009 - 10:07

Here is the scenario

I have a system A -> layer2 switch1 -> layer3 switch2 -layer3 switch3 -> router1 -> router2 -> internet ---- remote location

I get the message from router1 which is configured for ipsec towards client, the beauty is, the frame size is 1460 which gives this error and at the same time I have another frame size of 1514 which passes through the same ipsec tunnel… the MTU on the interfaces all the way are 1500..

Giuseppe Larosa Tue, 09/01/2009 - 10:27

Hello Meenakshi,

the 1514 byte size packet is fragmented by packet originator device.

the 1460 bytes is sent in a single packet by packet originator device.

During its travel in the network it reaches a device that adds overhead (IPSec likely) and a need to fragment arises.


Hope to help


tmsundar81 Tue, 09/01/2009 - 10:47


I have attached two file working and not working

look for source and destination in working file

look for source and destination in not working file

i believe no fragmentation is done..



This Discussion