Hi

I have a MPLS network (not yet L3VPN) running over public internet.  The basic network is like this:

SERVER-------PE1-----P1-------------P2-----PE2-------SERVER

Between P1 and P2 there is the public internet and to connect the two P routers I have a dedicated IPSEC VPN, with GRE tunnel interfaces.

I have enabled MPLS / LDP over the tunnel interfaces, and on all other router interfaces as required.  I can confirm the LDP network is up and oeprational as I can ping toward each end.

I have set the ip mtu on the tunnel interfaces as 1400 at either end and have the ip tcp adjust at 1360 i norder to compensate for the IPSEC header and GRE etc.

However, I cannot for the life of me work out what the story is for the MPLS MTU.  If I turn off LDP on one of the tunnel interfaces (which essentially means everything passes through unlabelled, access top all services on either server from the other end is fine.  If I turn LDP back on again, I can only get to certain services (RDP / PING etc), but cifs, https websites arent accessible.  I have tried variations of MTU setting but not getting anywhere.

The tunnel interface will not allow me to set the MPLS MTU either - this only has the option of mpls mtu max which isnt helpful and makes no sense.  If I do a sh mpls interface detail it shows the MPLS MTU of the tunnel interfaces as 1476, which will be the underlay interface - GRE header (1500-24).  The underday interface MTU is 1500 on all other interfaces.

Your help with this would be very appreciated.

Thanks