Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
9562
Views
35
Helpful
6
Replies

configuring "ip mtu" "ip tcp adjust-mss" together !!?

Go to solution
mohammed hashim
Level 1
Level 1

‎04-03-2016 11:26 AM - edited ‎03-08-2019 05:12 AM

hi,

when we do something like:

interface Tunnel0

 ip address 1.1.1.1 255.255.255.0
 tunnel source Loopback0

 tunnel destination 192.168.1.1

 ip mtu 1400

 ip tcp adjust-mss 1360

IP MTU: command configure the total packet length,

the TCP header = 20 bytes, the IP header = 20 bytes, (both are fixed in size)

this means total will be 40 bytes, and then the total payload is allowed is 1360 bytes per packet,

ip tcp adjust-mss: To adjust what is the maximum payload size of the packet. this means if we configure it to be 1360 bytes, it is implicitly understood the total length of the packet is 1400 bytes,

then my question why do we need to configure ip mtu if we configure ip tcp adjust-mss?

Labels:
1 Accepted Solution

Accepted Solutions

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee

‎04-03-2016 02:35 PM

Mohammed,

The ip tcp adjust-mss only affects TCP streams. Other kinds of IP traffic - UDP, SCTP, DCCP, ICMP, ESP, AH, to name just a few - won't be influenced by the ip tcp adjust-mss command, and so their datagrams must be fragmented at the IP layer. That's why it is necessary to properly configure the ip mtu command to let the router know how large the fragments of non-TCP-carrying IP packets can be.

Feel welcome to ask further!

Best regards,
Peter

View solution in original post

6 Replies 6

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee

‎04-03-2016 02:35 PM

Mohammed,

The ip tcp adjust-mss only affects TCP streams. Other kinds of IP traffic - UDP, SCTP, DCCP, ICMP, ESP, AH, to name just a few - won't be influenced by the ip tcp adjust-mss command, and so their datagrams must be fragmented at the IP layer. That's why it is necessary to properly configure the ip mtu command to let the router know how large the fragments of non-TCP-carrying IP packets can be.

Feel welcome to ask further!

Best regards,
Peter

Go to solution
mohammed hashim
Level 1
Level 1
In response to Peter Paluch

‎04-18-2016 11:44 AM

thanks Peter,

it is clear,

0 Helpful

Go to solution
Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to mohammed hashim

‎04-18-2016 12:54 PM

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages wha2tsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

BTW, something to understand, when using IP TCP adjust-MSS, the Cisco device needs to "see" the TCP handshake.  So, for example, in situations where active TCP flows are re-routed across a "backup" tunnel, IP MTU will also be used for "ordinary" TCP flows.

PS:

Also BTW

the TCP header = 20 bytes, the IP header = 20 bytes, (both are fixed in size)

this means total will be 40 bytes, and then the total payload is allowed is 1360 bytes per packet,

ip tcp adjust-mss: To adjust what is the maximum payload size of the packet. this means if we configure it to be 1360 bytes, it is implicitly understood the total length of the packet is 1400 bytes,

Usually, but sometimes not.  Remember, both for IP and TCP headers, options increase the header size.

When working with tunnels, PMTUD might be enabled.

More info can be found in Cisco's paper: http://www.cisco.com/c/en/us/support/docs/ip/generic-routing-encapsulation-gre/25885-pmtud-ipfrag.html

0 Helpful

Go to solution
mohammed hashim
Level 1
Level 1
In response to Peter Paluch

‎06-18-2016 04:19 AM

Peter,

in case of Multicast traffic UDP,

if the lower MTU was something like 1300 across the media.

then do we have to tune the MTU on the application level of multicast source? or it has to be done on the network level?

since there is no handshake between source and receivers to agree about MTU size!!

??

0 Helpful

Go to solution
lehman
Level 1
Level 1
In response to Peter Paluch

‎11-11-2022 05:36 AM

Thanks for explaining.  It solved my problem that TAC who made things delay and complicated.
I had a 350 Mbps line from ISP but when running GRE/IPSec it only gives 40+ Mbps.
After adding ip mtu 1400 &  ip tcp adjust-mss 1360 under Tunnel interface, now the bandwidth is up to maximum line speed. Thanks again.

0 Helpful

Go to solution
Peter Koltl
Level 7
Level 7

‎06-19-2016 02:48 AM

I don't think ip mtu 1400 is necessary.

"The intermediate router sends an ICMP (type = 3, code = 4) to the GRE router with a next-hop MTU of 1400. The GRE router reduces this to 1376 (1400 - 24) and sets an internal IP MTU value on the GRE interface. This change can only be seen when using the debug tunnel command; it cannot be seen in the output from the show ip interface tunnel<#> command."

http://www.cisco.com/c/en/us/support/docs/ip/generic-routing-encapsulation-gre/25885-pmtud-ipfrag.html

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card