I can ping a particular router say site X with 1500 byte packets pretty well from all of our wan sites however when I ping the same router from a pc or a lan device from the same wan sites the 1500 pings dont go through, 1472 pings go through but from 1473 onwards they fail. trying ping x.x.x.x -f -t -l 1473 gives me the following message : Packet needs to be fragmented but DF set.
Would it be an mtu issue within the retail carrier cloud or our router at site X? Some sort of mtu negotiation is failing maybe from a partcular device to our pc but which device? Plus why do router to router pings of 1500 bytes work and as mentioned above from pc to the same router it fails? If someone has come across this can you please advise.
What is the topology that we have in here. I think there is some routing device in the middle which doesnot support the MTU size over 1472. This could be the problem with the NIC card itself.
Switches do not support fragmentation so it has to be either a L3 device or the NIC cards itself.I have come across some of the NIC cards which do not support 1500 MTU size. Make sure that all the intermediate devices have proper MTU on the interfaces and if its there then the problem will be with the NIC card itself.
thanks Amit. 1500 pings from the same pc works ok to the other sites however only site X fails so it probably is not a pc issue. However pinging from the routers and switches from all these site to the site X router and 1500 pings are fine.
Thanks Amit. I got the same result from the other sites. I also found out that it seems to work from 1560 bytes onwards - funny! I have reloaded the router but to no success. (Also the symptoms are in both directions.) Hence it seems packet sizes from 1473 bytes to around 1550 bytes (roughly) have problems and the rest work!
This document gives several answers on frequently asked questions for PFRv3 channel state behavior.
Q1: What are all the channel operational states from a BR (border role) perspective and what are the rules/conditions to be in each st...
The need was to reach an host inside a LAN through a VPN connection managed by the LAN gateway (Cisco 1921).
The LAN gateway performs NAT and there was a dedicate nat rule for the host i wanted to reach through VPN.
I couldn't connect to the hos...