On Wed, Aug 10, 2011 at 12:57:44AM +0000, Franck Martin wrote:
I'm using a GRE IPv4 tunnel between a cisco and linux machines
Can you mail: IOS: - sh run int TuX - sh int TuX | i MTU - sh ip int TuX | i MTU Linux: - output of "/sbin/ip link show greX" (or whatever your GRE interface is named)
I did some packet capture, and saw that my MTU was 1418
What MTU? Including which overheads? :-)
but the cisco was sending TCP packet with a MSS of 1380.
Using which TCP options? How large was the TCP overhead?
This created a bunch of issues. When I told the cisco box to use a MSS of 1378 everything starting to work fine.
So why Cisco is off by 2 Bytes?
The only GRE options using 2 bytes are GRE checksum and offset. Haven't seen any of them being used by default by IOS. IOS default GRE payload MTU traversing an IPv4 MTU 1500 egress interface is 1476 (1500 minus 20 octets IPv4 header, 4 octets GRE header). But e.g. TCP SACK permit option on SYN packets would be 2 octets.
Does the GRE implementation on Linux uses 2 extra bytes compared to Cisco (or vice versa)?
Not by default, in my experience. Best regards, Daniel -- CLUE-RIPE -- Jabber: dr@cluenet.de -- dr@IRCnet -- PGP: 0xA85C8AA0