03-19-2014 11:22 AM - edited 02-21-2020 07:34 PM
Hi,
Please can someone help me understand why I am able to transmit a 1472 Byte packet without fragmentation across DMVPN Tunnel (IPSec protection mode)..
This is what I am expecting
The Tunnel runs over Ethernet (1500 Bytes) 1500 – 76 = 1424Bytes.. So how am I able to transmit 1472Bytes, I’ve checked the Links and can see the ESP encapsulation etc.. What have I got wrong?
Thanks
Grev
03-20-2014 04:04 AM
You mean no fragmentation on the router, but what about reassembly on remote end.
How was this confirmed? How was it tested? What platforms? What versions? What configurations? There's lots of small bit that could add into it. :-)
At a glance it looks like DF bit was not copied over to IPsec header. Again, it's just a shot in the dark :-)
I would really suggest opening a TAC case for this, this description tickled something in my memory, but I can't put my finger on it.
03-20-2014 04:04 AM
Among others, this one rings a bell - CSCtq09372
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide