06-08-2021 04:13 PM - edited 06-08-2021 04:14 PM
Hi all,
Is there any reason why you would have a different MTU inside a single VLAN? I have a problem that is too long to go into right now, but I have a Cisco ASR (SDWAN code), a Palo Alto firewall and a Nexus switch all in the same VLAN. The network uses static routes to pass traffic from the ASR, to the Nexus and then to the firewall (no idea why). I have noticed the ip mtu is set as 1450 on the ASR VLAN sub-interface, the PA has a standard MTU of 1500 and the Nexus, well, I am not quite sure as I don't have access.
Would any traffic passing through these devices on the LAN have any issues with this MTU mismatch? In a packet capture, the 3-way handshake shows a packet no bigger than 1378 being sent through the firewall, with an MSS of 1320 via clamping on the ASR.
Thanks
06-08-2021 05:13 PM
Do you see any performance issues for now, or is this for clarification? (There may be some reason why someone previously configured a lower MTU to make things work, but you can do some tests with a higher MTU, see how your tests go, and increase to what works in the network.)
Here are different MTU scenarios showing how packets are sent based on the MTU size when fragmentation takes place.
06-08-2021 05:17 PM
I see performance issues for upload speeds to the SDWAN. There are a lot of moving parts and technology in the path as well.
I can get multiple TCP streams to reach 50 - 60 Mbits each, that's it. The total sum can be over 500 Mbits. Downloads with one stream I can get 500 Mbits with a 4Mb window size via iPerf.
We are about to test inside this VLAN with the MTU mismatch and bypass both Nexus and Palo Alto.
I will check your document, thank you.
Brad
06-08-2021 05:27 PM
Most of the new technologies like SD-WAN/Access look for an MTU size of 9K because of VXLAN and other stuff.
If your devices support jumbo frames, try to configure and test them where possible.
06-08-2021 06:03 PM
This site is a spoke site, so I am just trying to transfer a file over transports back to the Hub site.
If I were to use 9K MTU, would all devices (Nexus/PA/ASR) need it? Would this be L2 MTU or L3 MTU, and what would this achieve? If I did L3, it gets fragmented, as the tunnel MTU over transport is 1442.
Brad
06-08-2021 06:15 PM
For the remote site, it all depends on what the provider offers. I do not believe it will go beyond 1500 (unless you have dark fibre, VPLS or other special links).
You can do a ping test sending a data size and see where the packet drops end to end.
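The ping test suggested in the last reply, as an added example that is not part of the thread: a binary search over don't-fragment pings to find the largest IPv4 packet a path carries unfragmented. It assumes a Linux host with iputils `ping`; the function names `probe` and `find_path_mtu` are hypothetical, and the target address is whatever far-end host you are testing toward.

```shell
#!/bin/sh
# Added example (not from the thread). Assumes Linux iputils ping:
#   -M do  sets the don't-fragment bit, -s sets the ICMP payload size.

# probe TARGET PAYLOAD: succeeds if a DF-set echo of PAYLOAD bytes is answered.
# A failure means "too big for some hop" OR "ICMP filtered on the path"
# (for example by a firewall), so confirm small pings work first.
probe() {
    ping -c 1 -W 1 -M do -s "$2" "$1" >/dev/null 2>&1
}

# find_path_mtu TARGET [LOW] [HIGH]: prints the largest IP packet size
# (ICMP payload + 28 bytes of IPv4 and ICMP headers) that gets a reply.
# Prints 0 and returns 1 if even the LOW size gets no answer.
find_path_mtu() {
    target=$1
    lo=${2:-576}
    hi=${3:-1500}
    if ! probe "$target" $((lo - 28)); then
        echo 0
        return 1
    fi
    # Invariant: a packet of size lo is known to pass.
    while [ "$lo" -lt "$hi" ]; do
        mid=$(( (lo + hi + 1) / 2 ))
        if probe "$target" $((mid - 28)); then
            lo=$mid
        else
            hi=$((mid - 1))
        fi
    done
    echo "$lo"
}

# Run as: ./pmtu.sh <target-ip>   (script name is a placeholder)
if [ "$#" -ge 1 ]; then
    find_path_mtu "$@"
fi
```

Running it from a host on each side of the ASR, Nexus and firewall in turn shows which hop lowers the result, for comparison against the 1450 ip mtu and 1442 tunnel MTU quoted above.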