Resolve IP Fragmentation, MTU, MSS, and PMTUD Issues with GRE and IPSEC – Cisco
http://www.cisco.com/c/en/us/support/docs/ip/generic-routing-encapsulation-gre/25885-pmtud-ipfrag.html
It seems somehow I’ve never managed to run across this particular article describing path MTU discovery (PMTUD) in conjunction with IPSec and GRE tunnels. Scenario 10 is a particularly good and detailed description of how it can go, even taking into account situations common to PPPoE DSL connections which have an MTU of 1492 (the 1400-byte MTU link in the scenario would have the same effect).
Ran across this one while looking for any documentation/information about AT&T ignoring the DF/”don’t fragment” bit and proceeding to fragment at will, breaking path MTU discovery. I’d love to find a way to get them to stop doing that on my connections, and just let the protocol work as it is supposed to.
Leave a Reply