MTU and L2Tv3

antonio.guirado · ‎10-07-2013

Hello,

I have a problem with MTU in a xconnect using L2Tv3. I do not change the MTU in the host.

I can check that ip tcp mss adjust command in the xconnect interface does not work.

The performace now is very bad. If I change the MTU in the host then performance is better.

So I think is a MTU issue. Any ideas?.

Thanks.

This is my configuration:

FINTEGRA-SEDE-RT01#sh run

Building configuration...

hostname FINTEGRA-SEDE-RT01

!

ip cef

!

l2tp-class class1

authentication

hello 12

password 7 XXXX

retransmit retries 5

!

multilink bundle-name authenticated

vpdn enable

!

vpdn-group pppoe

!

pseudowire-class PSVLANS

encapsulation l2tpv3

protocol l2tpv3 class1

ip local interface Dialer0

!

interface GigabitEthernet0/1

no ip address

duplex auto

speed auto

media-type rj45

no negotiation auto

!

interface GigabitEthernet0/1.1

encapsulation dot1Q 1

xconnect X.X.X.186 1 encapsulation l2tpv3 pw-class PSVLANS

!

interface GigabitEthernet0/1.6

encapsulation dot1Q 6

pppoe enable group global

pppoe-client dial-pool-number 1

!

interface GigabitEthernet0/1.999

encapsulation dot1Q 999 native

!

interface Dialer0

ip address negotiated

ip mtu 1492

ip nat outside

ip virtual-reassembly

encapsulation ppp

ip tcp adjust-mss 1452

dialer pool 1

dialer idle-timeout 0

dialer-group 1

ppp authentication pap callin

ppp pap sent-username xxxxx@xxxxx password 7 xxxxxx

ppp ipcp route default

no cdp enable

!

ip forward-protocol nd

no ip http server

no ip http secure-server

!

ip route 0.0.0.0 0.0.0.0 Dialer0

!

antonio.guirado · ‎10-08-2013

Hello again,

this morning I have tried to change the pseudowire-class:

pseudowire-class PSVLANS

encapsulation l2tpv3

protocol l2tpv3 class1

ip local interface Loopback1000

ip pmtu max 1400

ip dfbit set

!

The problem is the same. The performance is very bad (or it does not work) when I try to visit a web site.

I am very surprised by poor performance of c7200 (NPEG1) in this kind of tunneling. Besides the only

solution I see is change the MTU in all hosts. We are going to use GRE tunnels (L3 connections) because

we can use ip tcp mss adjust command.

I don't think that none has the same problem

Thanks.

Regards.

jamie.grive · ‎10-08-2013

Hi Antonio,

Have you tried putting the adjust-mss command on the ingress Gigabit interface (the interface towards the hosts) and see if that makes a difference?

antonio.guirado · ‎10-08-2013

Hello,

yes i did it. The problem is that the interface encapsulate traffic without change the MSS. I have tried

3 different IOS. I think that if you use the xconnect command the adjust-mss command has no effect.

Thanks any way.

Regards.

antonio.guirado · ‎10-08-2013

Hello again,

I need a L2 tunnel over a comercial FTTH connection that use pppoe. I have used L2TPv3 and now EoMPLS over GRE.
I know that L2TPv3 can fragment the packets automatically but as I have said the performance in a NPG1 c7200 is
not very good (5-10Mbps). If I configured the MTU in the host the performance is better (20-30Mbps).

In theory PMTU should work but everybody knows that ICMP packets can be filtered. So some web sites are
very slow.

Now I have tried EoMPLS over GRE. The problem is the same. I need to reduce the MTU in the host. I do not know the

performance in a real c7200 .I can not increase MTU in the CORE links because is a remote site that using a comercial connection.

I can't understand why "ip tcp adjust-mss" does not work. Well I know that the xconnect is before TCP inspection so
the router does not change the MSS in the TCP SYNC packet. This can not be considered as a bug but I think can
be considered as a interesting feature in this scenarios (can some people cisco tell something about it?).

Finally, there is any others solutions for a L2 connection through a comercial (DSL, FTTH,...) connection without

changing any paremeter in the hosts?.

Thanks in advanced.

Regards.