05-05-2015 01:27 AM - edited 07-05-2021 03:08 AM
Cisco LWAP in FlexConnect mode uses two CAPWAP channels:
• CAPWAP control traffic—Identified by UDP port 5246
• CAPWAP 802.11 traffic—Identified by UDP port 5247
For some reason I would need to route user data (UDP port 5247) through another WAN path with a lower IP MTU, say 1326B, different from the WAN path used for CAPWAP control traffic (UDP port 5246), which has, say, a 1500B MTU.
It seems the process is that the AP finds the IP MTU through the control CAPWAP channel, sets the CAPWAP Path MTU to 1485B and uses it as a maximum also for the packets routed via UDP port 5247. Because some IP packets sent via UDP port 5247 might be larger, meaning over 1326B, the AP gets a "fragmentation needed and DF set" ICMP unreachable from the router and sets its CAPWAP Path MTU to 1325B. After a while the AP sends a 1485B IP packet through UDP port 5246 and resets its CAPWAP Path MTU to 1485B, and this repeats.
Correct me if I am wrong and the process works a different way. This is what I am reading from the Wireshark sniff.
I would like to avoid this and also other potential troubles while having the two separate WAN paths with different MTUs.
Does anyone know how I could
either
or
Unfortunately there is no way for me to do this on some other network device between the AP and WAN, like on a switch. It would be optimal, but no way.
Thanks,
Vlad
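To confirm from a capture which CAPWAP channel triggered each "fragmentation needed" message, the ICMP payload can be decoded as below. This is an added example, not part of the original thread; the addresses and source port are constructed, and the packet sizes are the ones quoted in the post.

```python
import struct

CAPWAP_PORTS = {5246: "control", 5247: "data"}  # UDP ports as given in the post

def parse_frag_needed(pkt: bytes):
    """Return details of an ICMP type 3 code 4 IPv4 packet, or None if it is not one."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        return None
    ihl = (pkt[0] & 0x0F) * 4
    if pkt[9] != 1 or len(pkt) < ihl + 8:             # IP protocol 1 = ICMP
        return None
    itype, icode, _csum, _unused, mtu = struct.unpack("!BBHHH", pkt[ihl:ihl + 8])
    if (itype, icode) != (3, 4):                      # fragmentation needed and DF set
        return None
    inner = pkt[ihl + 8:]                             # quoted header of the dropped packet
    if len(inner) < 20 or inner[0] >> 4 != 4:
        return None
    inner_ihl = (inner[0] & 0x0F) * 4
    if inner[9] != 17 or len(inner) < inner_ihl + 4:  # IP protocol 17 = UDP
        return None
    sport, dport = struct.unpack("!HH", inner[inner_ihl:inner_ihl + 4])
    return {
        "next_hop_mtu": mtu,                             # RFC 1191 next-hop MTU field
        "orig_len": struct.unpack("!H", inner[2:4])[0],  # total length of the dropped packet
        "df": bool(inner[6] & 0x40),                     # DF bit of the dropped packet
        "channel": CAPWAP_PORTS.get(dport) or CAPWAP_PORTS.get(sport),
    }

def build_ipv4(proto, total_len, src, dst, df=False):
    """Build a minimal 20-byte IPv4 header (checksum left at 0; constructed test data)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0,
                       0x4000 if df else 0, 64, proto, 0, src, dst)

# Constructed sample: documentation addresses, packet sizes taken from the post.
AP, WLC, ROUTER = bytes([192, 0, 2, 10]), bytes([198, 51, 100, 5]), bytes([203, 0, 113, 1])
DROPPED = build_ipv4(17, 1485, AP, WLC, df=True) + struct.pack("!HHHH", 50000, 5247, 1465, 0)
ICMP = struct.pack("!BBHHH", 3, 4, 0, 0, 1326) + DROPPED
SAMPLE = build_ipv4(1, 20 + len(ICMP), ROUTER, AP) + ICMP

if __name__ == "__main__":
    print(parse_frag_needed(SAMPLE))
```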
05-18-2015 03:10 AM
Hi,
Would it be interesting to try to set the MTU on the ingress port of the switch or the router directly connected to your AP, in order to keep the AP from resetting the MTU according to the UDP 5246 CAPWAP control flow?
Good luck.
05-18-2015 05:08 AM
Hi,
Thanks.
Unfortunately there is no way for me to do this on some other network device between the AP and WAN, like on a switch. It would be optimal, but no way.
Vlad
05-19-2015 02:42 AM
Hi,
OK, then perhaps you should try to set the TCP sessions' MTU via the 2nd WAN access used by the CAPWAP 5247.
In other words, on the WAN interface for CAPWAP 5247: "ip tcp adjust-mss <optimal MTU>"
The effect will be that all the tcp sessions will be optimized this way.
It shouldn't be a problem if your WAN is already obviously reduced.
If the only device you could configure is the AP, perhaps you could do the same thing.
http://mrncciew.com/2013/04/07/configuring-tcp-mss/
Good luck
05-19-2015 06:08 AM
Hi,
Thanks for the idea. Yes, this I am using, but it is purely related to the client's TCP traffic that is encapsulated into the CAPWAP channel on UDP port 5247. It does not affect the other types of traffic that have nothing to do with the client's TCP, such as, for example, authentication frames etc.
Vlad