Bernhard Schmidt berni at birkenwald.de
Mon Aug 28 14:05:10 CEST 2006

Iljitsch van Beijnum wrote:

>> A common problem with tunneling is also that the two ends of the
>> tunnel are configured with different MTUs, which cause problems even
>> if PMTUD might work. I've seen this happen many times.
> Actually I don't remember this being a problem in my tests because
> tunnel implementations tend to be able to receive packets that are
> larger than their MTU. I.e., when there is a tunnel between a Linux
> system (usually 1480 byte tunnel MTU) and a BSD system (usually 1280
> byte tunnel MTU) and the Linux system sends a 1480 byte packet, the BSD
> system accepts the packet.

I've seen Cisco routers (and I think I heard of Juniper routers doing
that as well) choosing the IPv6 MTU based on the IPv4 MTU (minus
tunneling overhead) on the egress interface towards the tunnel
destination. Which means if your path to the tunnel destination is
through a POS interface with an MTU of 4470 Bytes, the automatically set
IPv6 MTU of an IPv6-in-IP tunnel is 4450 Bytes. If the complete path to
the destination does not support 4470 Bytes, things will break.

This happens quite often if a 1500 byte packet comes along and is
encapsulated in 1520 bytes IPv4, which is then dropped somewhere along
the path to the tunnel destination.


More information about the ipv6-ops mailing list