I have a question regarding inter-AS MPLS interconnect configuration.
We are currently experiencing an MTU problem on an interconnect using EBGP redistribution of labelled vpnv4 routes (type B in RFC 4364). It appears that labelled packets of size 1500 bytes or more are not able to traverse the inter-AS link when the "Do not fragment" flag is set in the IP packet header even though the interface MTU is set to 4470 bytes.
An ICMP "undeliverable, cannot fragment" message is returned to source from our ASBR. This message even shows that the MTU of the next hop link is 4466 bytes and that the undeliverable packet size is 1500 bytes. IP (i.e. not labelled) pings > 1500 bytes can be sent across the link without problems with the DF bit set. This problem does not occur on LDP or RSVP enabled MPLS interfaces in our network.
The interface configuration for the outgoing interface on our ASBR isâ¦.
description >>> XX to router eer01 port 3/0 Suite 00/149 position 08 <<<<
ip address X.X.X.X 255.255.255.252
no ip directed-broadcast
carrier-delay msec 0
no negotiation auto
mpls bgp forwarding
Does MPLS MTU need to be explicitly configured on type B interconnect interfaces?
Your problem seems bit weird. I am aware of 3 types of MTUs namely- interface MTU, IP MTU and MPLS MTU. IP and MPLS MTU should be preferrably less than or equal to interface MTU and defaults to interface MTU when the router boots up.
IP MTU- IP MTU specifies whether a non-labelled packet forwarded through the interface needs to be fragmented. IP MTU tracks interface MTU. IP MTU has to be lower than or equal to interface MTU. If interface MTU is changed, IP MTU is changed automatically. However, if IP MTU is changed (lower than or equal to interface MTU), it will not change the interface MTU and will appear in the running configuration.
IP MTU defaults to interface MTU when the router first boots up.
MPLS MTU- MPLS MTU specifies whether a labelled packet (packet with shim-header) forwarded through the interface needs to be fragmented. MPLS MTU can be higher than interface MTU, however the router warns such a change because that could result in data corruption, high CPU utilization and packet drops.
If the interface MTU is less than 1524 bytes, you can set the maximum MPLS MTU to 24 bytes more than the interface MTU. For example, if the interface MTU is 1520 bytes, the maximum MPLS MTU can be set to 1544 bytes.
However, if the interface MTU is equal to or more than 1524 bytes, then you can set the maximum MPLS MTU equal to interface MTU. For example, if the interface MTU is 1600 bytes, the maximum MPLS MTU can be set to 1600 bytes.
MPLS MTU defaults to interface MTU when the router first boots up. If interface MTU is changed, the MPLS MTU is also set to that value automatically. However, the reverse is not true.
Cisco recommends that if MPLS is used, the MPLS MTU command is configured on the interface to a value less than or equal to interface MTU.
Very nice reply - thank you for that. Please allow me a couple of questions, though.
What do you understand under "interface MTU"? Is that the maximum size of the payload inside a frame? With Ethernet, it would be 1500B.
Then, you wrote: If the interface MTU is less than 1524 bytes, you can set the maximum MPLS MTU to 24 bytes more than the interface MTU. Why exactly 24? Also, Cisco routers seem to warn only about packet forwarding problems including packet drops when the MPLS MTU is oversized but they don't seem to complain about high CPU utilization - that would be more logical if the MTU were too low. Am I mistaken here?
Even further, you wrote: Cisco recommends that if MPLS is used, the MPLS MTU command is configured on the interface to a value less than or equal to interface MTU. However, if the interface MTU is 1500B, keeping the MPLS MTU to the interface MTU will require fragmentation of IP packets larger than 1496B. Would not this fact cause an unnecessary load on the CPU because of the fragmentation? Further on, how does Cisco's recommendation of keeping the MPLS MTU lower or equal to the interface MTU align with the fact that it will require unnecessary fragmentation?
I admit I am somewhat confused regarding the recommended MTU settings. By the way, it would interesting to know what is the real maximum total frame length including the header and CRC trailer supported on Cisco's FastEthernet interfaces. That would eventually resolve these considerations, I believe.
Setting MTU is interface driver dependant so based on the driver, you will have different range available. Usually The Fastethernet card driver can accept frame up to 1524 Bytes (Baby Giant)to support the overhead of most of the tunneling techniques with original packet of 1500 Bytes. This is a ingress check.
MTU is used only for egress check.
On FastE, you can't change the physical MTU and IP MTU can't be higher than the MTU so to be able to send 1500 Bytes IP packet, you need to increase the MPLS MTU.
For other interfaces type like GE and 10GE, we have giant frames support so no worries anymore and that's why in those cases, you don't need to set the mpls mtu
Here is the link about mpls mtu command behavior change:
With XR 4.2.0 the ASR9000 is releasing a new line of hardware models. This amongst others is the RSP440, the next generation RSP with faster switch fabric along with Typhoon based Linecards, the next generation network processor.
The Cisco EPN system incorporates a network architecture designed to consolidate multiples services on a single Multiprotocol Label Switching (MPLS) transport network. This network is designed primarily based on...
Internet security is important with the increasing attacks that are happening every day. Many internet and browsing security solutions exist, but some are not very easy to use or maybe the question is how can I enable them?