Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
395
Views
0
Helpful
0
Replies

DMVPN MTU Question

sayrmatics
Level 1
Level 1

‎10-14-2016 03:23 AM - edited ‎03-05-2019 07:16 AM

Hello

i have DMVPN setup at a customer site...which is largely working fine. However, I have noticed something on one of the hub routers (ISR4451x running IOS-XE 15.4 (3.13.2s) which is easy to explain away as a bug but will appreciate gaining some insight into?

The mGRE interfaces (hub/spoke) are configured with ip mtu 1416. On most routers (largely ISR4xxx, a few 29xx) I have checked, I see the following:

show crypto ipsec sa detail | i mtu
plaintext mtu 1378, path mtu 1416, ip mtu 1416, ip mtu idb Tunnel0

However, on the hub router in question, this is what i see:

show crypto ipsec sa detail | i mtu
plaintext mtu 1458, path mtu 1500, ip mtu 1500, ip mtu idb (none

I'm guessing the ip mtu idb is the key in all of this and that IOS will select this based on what interfaces have crypto maps or tunnel protection ipsec applied but in what scenario will the platform be unable to determine the ip mtu idb and just use the default?

This has recently become "interesting" as there are data transfer issues from one of the remote sites to this hub site and I am eliminating suspects as I look into it.

Thanks in advance

Sayre

1 person had this problem
Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card