mtu mis-match
Justin M. Streiner
streiner at cluebyfour.org
Wed Mar 19 19:38:09 UTC 2008
On Wed, 19 Mar 2008, ann kok wrote:
> I have this problem about mtu mismatch
>
> Some DSL clients, some are working fine.
> (browsing...ping ...)
>
> Some DSL clients have this problem
> they can't browse the sites.
> they can ssh the host but couldn't run the command in
> the shell prompt
> ping packet are working fine (no packet lost)
>
> Why?
> but I still don't know why mtu can cause this problem
Are you using PPPoE to transport and manage your DSL users, or are they
bridged?
Ping packets, unless you specifically use a larger packet size, are
usually pretty small. Try running ping tests with a larger packet size,
say, 1495 bytes, and see if those fail.
HTTP, SSH, etc, can easily (and often do) generate packets up to the
maximum segment size. That's why MTU mismatches can seem to affect some
types of traffic but not others.
The 'lowest common denominator' for MTUs is often 1500 bytes, but
protocols that need to wrap or tunnel existing packets (GRE, PPPoE, IPSEC,
etc) impose some overhead of their own. Unless the MTU or TCP maximum
segment size of the original traffic is reduced a bit, the tunneled
packets will need to be fragmented for transport across the network. This
can lead to performance problems like the ones you're seeing. The magic
number for an MTU on PPPoE DSL is 1492 bytes, based on past DSL
aggregation work I've done.
jms
More information about the NANOG
mailing list