Alexander Gall gall at switch.ch
Mon Aug 28 14:57:14 CEST 2006

On Mon, 28 Aug 2006 14:05:10 +0200, Bernhard Schmidt <berni at birkenwald.de> said:

> Iljitsch van Beijnum wrote:
>>> A common problem with tunneling is also that the two ends of the
>>> tunnel are configured with different MTUs, which cause problems even
>>> if PMTUD might work. I've seen this happen many times.
>> Actually I don't remember this being a problem in my tests because
>> tunnel implementations tend to be able to receive packets that are
>> larger than their MTU. I.e., when there is a tunnel between a Linux
>> system (usually 1480 byte tunnel MTU) and a BSD system (usually 1280
>> byte tunnel MTU) and the Linux system sends a 1480 byte packet, the BSD
>> system accepts the packet.

> I've seen Cisco routers (and I think I heard of Juniper routers doing
> that as well) choosing the IPv6 MTU based on the IPv4 MTU (minus
> tunneling overhead) on the egress interface towards the tunnel
> destination. Which means if your path to the tunnel destination is
> through a POS interface with an MTU of 4470 Bytes, the automatically set
> IPv6 MTU of an IPv6-in-IP tunnel is 4450 Bytes. If the complete path to
> the destination does not support 4470 Bytes, things will break.

This by itself is only a problem when PMTUD is broken along the path
(or the endpoints are buggy like Pekka reported).  In any case, if you
let the endpoints chose the MTU independently, chances are that
they'll pick different values and the tunnel won't work in general,
even when the packets do arrive on the other side.


More information about the ipv6-ops mailing list