Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Attention: The Community will be in read-only mode on 12/14/2017 from 12:00 am pacific to 11:30 am.

During this time you will only be able to see content. Other interactions such as posting, replying to questions, or marking content as helpful will be disabled for few hours.

We apologize for the inconvenience while we perform important updates to the Community.

New Member

IP fragmenatation issue with DMVPN

Dear Experts

We have Hub and spoke DMVPN over ADSL line .

the site -1 (Dubai) Services Provider has given ADSL line on Ethernet using GPON technology. even same cisco 2801 has terminated MPLS line over MPLS we have DMVPN .

Tunnel-1 is used for ADSL DMVPN

tunnel -2 is used for MPLS DMVPN .

Config for Tunnel -1 ---Branch Site

interface Tunnel1

description ** ADSL DMVPN **

ip address 10.10.10.16 255.255.255.0

no ip redirects

no ip proxy-arp

ip mtu 1492

ip nhrp authentication LanD3

ip nhrp map multicast dynamic

ip nhrp map multicast x.x.x.x

ip nhrp map 10.10.10.1 x.x.x.x

ip nhrp map multicast x.x.x.x

ip nhrp map 10.10.20.1 x.x.x.x

ip nhrp network-id 12

ip nhrp holdtime 600

ip nhrp nhs 10.110.10.1

ip nhrp nhs 10.10.20.1

ip tcp adjust-mss 1400

ip ospf network broadcast

ip ospf cost 20

ip ospf priority 0

keepalive 10 3

tunnel source Dialer0

tunnel mode gre multipoint

tunnel key 1

tunnel protection ipsec profile DMVPN

end

Same MTU and IP tcp Adjust-mss 1400 has used on Hub side cisco 3845 router.

Following Issue we are facing.

1. Client -Server based application is not working through Tunnel-1 ( I am able to reach servers from client)

2. RDP is not working .

I have try to reduce mss 1300,1340,1360 on both site tunnel but no use .

Even if ping -l 1400 to my server ip i am not able to ping.

If i am ping -l 1384 to server ip I am able to ping

IOS ver 12.4(20)T2

Apart from

I have another site ( Abu Dhbai )where ISP given ADSL line WITH same technology on ehternet where my ADSL DMVPN working fine with all Client -server based apps as well as RDP .

same configuration ON TUNNEL-1 config.

This site I am using 1841 with IOS 12.4.(15)T8 .

Pls help me to solve this issue wht could be the reason ??????

Is it issue with ISP that IP fragmentation is not supporting in DUBAI line.

1 REPLY
Anonymous
N/A

Re: IP fragmenatation issue with DMVPN

If it is IP fragmentation issue then one of the soultion would be configuring TCP MSS. The TCP Maximum Segment Size (MSS) defines the maximum amount of data that a host is willing to accept in a single TCP/IP datagram. This TCP/IP datagram may be fragmented at the IP layer. The MSS value is sent as a TCP header option only in TCP SYN segments. Each side of a TCP connection reports its MSS value to the other side. Contrary to popular belief, the MSS value is not negotiated between hosts. The sending host is required to limit the size of data in a single TCP segment to a value less than or equal to the MSS reported by the receiving host.

270
Views
0
Helpful
1
Replies
CreatePlease to create content