cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2456
Views
25
Helpful
13
Replies

GRE-MSS

Hi Experts,

We've recently built a GRE tunnel from Cisco router to Cloud provider for Internet traffic. The tunnel has a default MTU of 1476 bytes (to accommodate the GRE overhead) and the WAN interface (connecting to ISP) is configured with MSS of 1360.

Some posts suggest configuring MSS on the Tunnel interface as well. Experiencing Internet slowness, should the MSS be configured on both the WAN interface and tunnel interface or just WAN interface config would suffice?

Thank you.

1 Accepted Solution

Accepted Solutions

"So, I'd like to know, in this case, will the MSS value set on the egress interface will not take effect?"

Yes and no.  Adjust-mss is only done during TCP handshake, which would be "invisible" on the physical interface for tunnel traffic.

Also, we don't want to adjust MSS for physical interface traffic, as it's not the problem.  It's the tunnel GRE overhead which often causes performance issues (due to fragmentation or too large packets being dropped with message to source to send smaller).

View solution in original post

13 Replies 13

balaji.bandi
Hall of Fame
Hall of Fame

In most cases, Physical Ethernet has a default 1500 MUT, so GRE needs 24 bytes, so setting 1476 on Gre Tunnel is valid here.

 

Experiencing Internet slowness, should the MSS be configured on both the WAN interface and tunnel interface or just WAN interface config would suffice?

 

Slowness Directly connecting to Ethernet and conducting test, 

or slowness using GRE Tunnel ?

if the slowness via the tunnel - this need to investigate, since your route going out via the tunnel to another side - where is the internet route going out?  so this required to investigate where the slowness adding.

some good example document explains :

https://www.cisco.com/c/en/us/support/docs/ip/generic-routing-encapsulation-gre/25885-pmtud-ipfrag.html

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Hi

Slowness experienced when traffic is routed via GRE tunnel. We've directly connected the cable to the router and no issues noticed via 'direct' internet.

Should the MSS value be configured on GRE tunnel as well?

Then you need to adjust Tunnel MTU/MSS based on the issue you having.

as others suggested - hope you found the solution by now.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

I do lab before and only tunnel mtu / mss is effect traffic if traffic is pass through tunnel.

Hi,

Thanks for the info. Shall I assume the MSS set on the egress interface will not take effect?

If yes, can you please advise let me know why is it so? (for my knowledge)

if you have multi GRE tunnel use same tunnel source and each one you need MTU/MSS different than other, how you can achieve this if you config it under tunnel source ?
that why tunnel MTU/MSS is override the MTU/MSS of tunnel source (WAN interface).

Thanks for the reply and it's been helpful.

 

Client-Server 
start TCP handshake 
client (which is your side) send mss 1000 
server (which is other side) if it have MSS value high than your side then the server side will select lower which is 1000
if it have MSS value lower than your side then the server send to client my MSS is lower and use it. 

You are so so welcome any time 

BTW, although I agree with @MHM Cisco World if you needed different MTU/MSS per tunnel, having those commands on physical interface would not allow differences.  However, as described in another posting, even if all the tunnels needed the same MTU/MSS settings, applying on the physical interface is not where you want to apply it.  First, the physical interface's MTU shouldn't be reduced and second the MSS command would have no effect on the tunnel traffic (as it "sees" IP GRE packets, not TCP packets).

Joseph W. Doherty
Hall of Fame
Hall of Fame

Physical interface should have default MSS and MTU.

GRE tunnel

IP MTU 

(not just MTU) should be 1476.

GRE tunnel

tcp adjust-mss

should be 1436 (IP MTU - 40).

BTW, if your hand-off is Ethernet, you might ask your provider if they support jumbo Ethernet.  If so, you could run GRE tunnel with an IP MTU of 1500.

Hi Joseph

Thanks for the reply. I've been going through other similar posts and your answers are very helpful

We're experiencing issues when traffic traversing through GRE and not via Egress interface which is connecting to the Internet. Cloud vendor (and other documentation) suggests configuring MSS on the GRE tunnel interface (Where the web traffic traverse through)

So, I'd like to know, in this case, will the MSS value set on the egress interface will not take effect?

"So, I'd like to know, in this case, will the MSS value set on the egress interface will not take effect?"

Yes and no.  Adjust-mss is only done during TCP handshake, which would be "invisible" on the physical interface for tunnel traffic.

Also, we don't want to adjust MSS for physical interface traffic, as it's not the problem.  It's the tunnel GRE overhead which often causes performance issues (due to fragmentation or too large packets being dropped with message to source to send smaller).

Review Cisco Networking for a $25 gift card