|
Posted by on July 13, 2006, 10:01 am
If you were Registered and logged in, you could reply and use other advanced thread options
Hello everyone,
I experienced several MTU-related problems on site-to-site vpn tunnels,
e=2Eg. certain applications work well whereas others crash or don=B4t work
at all.
I did some tests but still MTU size is a mystery to me. I assumed, that
a ping from different clients from LAN A through VPN to server in LAN B
with don=B4t fragment bit set should result in the same possible maximum
packet size, but I experienced different sizes. How is max packet size
calculated? Of course it depends on the kind of tunnel etc., but why do
I get different max sizes?
Most tunnels I have tried were configured between two Cisco 1841, some
parts of configuration as following:
.=2E.
ip tcp path-mtu-discovery
.=2E.
crypto ipsec df-bit clear
.=2E.
interface Tunnel0
ip address 10.200.200.2 255.255.255.252
ip ospf authentication-key 7 xxx
ip ospf cost 10
ip ospf mtu-ignore
qos pre-classify
tunnel source 17.0.0.2
tunnel destination 17.0.0.1
tunnel mode ipsec ipv4
tunnel protection ipsec profile XXX
!
interface FastEthernet0/0
description Standleitung
ip address 17.0.0.2 255.255.255.0
ip mtu 1400
speed 100
full-duplex
!
I changed several settings above, such as "ip tcp path-mtu-discovery"
on or off etc., but still I didn=B4t get an result that fits to my
calculations...
Any tips, suggestions and also further readings are appreciated.
Thanks,
Julian
| 
Yahoo! 
Google 
Windows Live 
del.icio.us 
digg 
Netscape 
XML site map