Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 6 replies
  • Subscribers 4 subscribers
  • Views 13467 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

RED Interface MTU same as WAN MTU?

zoidberg

I am using Multiple RED tunnels on our UTM.

Obviously they use the Wan interface on our UTM's so do I set the MTU size on the RED interfaces the same as the WAN MTU size?

Wouldnt an 1500 MTU on an 1492 MTU WAN Interface force the UTM to fragment each Packet?

Thanks in advance for your thoughts.

 



This thread was automatically locked due to age.
Parents
  • 0

    What result do you see from:

    ping -I 10.10.10.1 10.10.10.2 -s 1500 -M do

    Where .1 is the IP on your end of the tunnel and .2 is at the other end.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Hi Bob,

    with:

    ping -I 192.168.221.1 (UTM) 192.168.221.2 (Remote PC) -s 1500 -M do

    i got:

    From 192.168.221.1 icmp_seq=10 Frag needed and DF set (mtu = 1500)

    1472 is the only MTU that works.

     

    Interface settings: WAN MTU 1492; RED MTU 1500

     

    Is there a general recommendation for this?

  • 0 in reply to zoidberg

    1472, I guess there is a VDSL line related? Maybe on the RED side?

    My feeling would be to adjust the RED MTU to that value.

    But the question is interesting.

    Best

    Alex

    -

  • 0 in reply to Alexander Busch

    Hi Alex,

    thank you for your post.

    I am still wondering why nobody came direct with a clear recommendation.

    Kind of a VDSL is included in this construct.. a PPPoE connection.

    Maybe the 1472 is resulting from 1492 WAN MTU - 20 byte IP Header.

     

    "My feeling would be to adjust the RED MTU to that value."

    ->Same here

    It would be nice to hear more ideas

     

Reply
  • 0 in reply to Alexander Busch

    Hi Alex,

    thank you for your post.

    I am still wondering why nobody came direct with a clear recommendation.

    Kind of a VDSL is included in this construct.. a PPPoE connection.

    Maybe the 1472 is resulting from 1492 WAN MTU - 20 byte IP Header.

     

    "My feeling would be to adjust the RED MTU to that value."

    ->Same here

    It would be nice to hear more ideas

     

Children
Unfiltered HTML