On 7/25/13 2:59 AM, Marc, LX1DUC wrote:
By defautl GRE provides an Layer3 MTU of 1476 bytes. How will you cope with packet fragmentation or in case DF=1 with ICMP type=3 code=4 (The datagram is too big. Packet fragmentation is required but the 'don't fragment' (DF) flag is on.) filtering.
Yes, but this is why we have PMTUD. It works fine so long as ICMP is not blocked. If ICMP is blocked, then some one along the path needs to get some clue. I've only encountered this on private networks (LAN's, and packet cores where IT runs it). Generally it's fixed with me screaming "YOU'RE BREAKING THE INTERNET STUPID!" ;)
Also as it only really efficts TCP, I solve it on my GRE tunnels with ip tcp adjust-mss 1436 in cisco set interface $interface ip tcp adjust-mss 1436 in juniper tcp-mss-adjust 1436 under an SDP config in Alcatel-Lucent
73's