Re: Cannot send packets larger than 992 bytes

Devildoc007 · ‎11-18-2005

Can someone help me with this problem or point me in the direction to get more information on this problem? I would appreciate it.

I have a network with 2 Catalyst 6506 and 6509 switches. Two of the devices connected to the switch is not behaving normally. One is a VPN concentrator and the other a router. It seems that sometimes after i reboot the devices, i cannot send packets to those devices that are larger than 992 bytes. By powering them off and back on again, it seems to fix the problem. I could send packets larger than 992 bytes again. I checked the mtu on the interfaces of those 2 devices are set at 1500. So why is it that i cannot send packets that are larger than 992 bytes? Any help is greatly appreciated it. Thank you.

JD

a-vazquez · ‎11-24-2005

Looking into ur problem, I would just want to know some details:

Did u establish an ipsec tunnel b/w the VPN concentrator and the other end .If yes, then

you would need to run debugs on the router to see what is happening.

the TCP Maximum Segment Size(MSS) for PPP over Ethernet/ATM cannot be over 1452.

Lower the inside interfaces' MSS to 1400 on both end and check it out.

The reasons for this pblm may be:

You can also clear df bit and see if that works, by clearing the df bit the router should fragment

the packets if needed.

Also, there might be a device which have mtu size adjusted to 992 on your network, this might be on

the router/firewall/workstation. Please see if this is the case.

You can refer to the following document for more information on MTU and MSS issue:

http://www.cisco.com/warp/public/105/pmtud_ipfrag.html#subfirsttwo