Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. Cisco>
  3. BBA
LAC/LNS --> L2TP MTU issues
cschmit at vo
May 15, 2006, 1:57 PM
Post #1 of 3 (8591 views)
Permalink
Recently we encountered MTU issues on our
DSL connections. We run a typical LAC-LNS
setup with the telco. LAC on the telcos
side are ERX boxes while the LNS used are
Cisco7200 with G1.

Affected by the MTU problems were some IPSEC VPNs
and radius connections.

While browsing through different sample configs
on the Internet I found the following commands
to be useful to address the mtu problem.


virtual template commands:
--------------------------

- ip tcp adjust-mss xxxx
- ppp mtu adaptive
- ip mtu xxxx
- mtu xxxx
- clearing the DF bit using a route-map

vpdn-group commands:
--------------------

- ip mtu adjust
- ip pmtu



My current LNS config regarding MTU is:
---------------------------------------

vpdn-group 1
accept-dialin
protocol l2tp
virtual-template 1
terminate-from hostname LAC
lcp renegotiation always
l2tp tunnel password 7 xxxxxxxxxxxxxxxxxxxxxxxx
ip mtu adjust
.
.
.
interface Virtual-Template1
ip unnumbered Loopback1
ip tcp adjust-mss 1420
ip mroute-cache
peer default ip address pool DSL_POOL1
ppp authentication pap chap
!


If anybody could comment on what combination of
commands is best to be used to solve the mtu
problem would be great.

Christian



_______________________________________________
cisco-bba mailing list
cisco-bba@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-bba
Re: LAC/LNS --> L2TP MTU issues [ In reply to ]
tiho.dragas at telekomcg
May 15, 2006, 11:43 PM
Post #2 of 3 (8372 views)
Permalink
>
> Hi Christian,
>
> I have working 7206VXR LNS, with following config:
>
> !
> interface Virtual-Template1
> mtu 1492
> ip tcp adjust-mss 1420
> ppp mtu adaptive
> !
>
> You could try this config also, I think it will work.
>
> Regards,
>
> Tiho D.
>
>
>>
>> ----- Original Message -----
>> From: "Christian Schmit" <cschmit@vo.lu>
>> To: <cisco-bba@puck.nether.net>
>> Sent: Monday, May 15, 2006 10:57 PM
>> Subject: [cisco-bba] LAC/LNS --> L2TP MTU issues
>>
>>
>>> Recently we encountered MTU issues on our
>>> DSL connections. We run a typical LAC-LNS
>>> setup with the telco. LAC on the telcos
>>> side are ERX boxes while the LNS used are
>>> Cisco7200 with G1.
>>>
>>> Affected by the MTU problems were some IPSEC VPNs
>>> and radius connections.
>>>
>>> While browsing through different sample configs
>>> on the Internet I found the following commands
>>> to be useful to address the mtu problem.
>>>
>>>
>>> virtual template commands:
>>> --------------------------
>>>
>>> - ip tcp adjust-mss xxxx
>>> - ppp mtu adaptive
>>> - ip mtu xxxx
>>> - mtu xxxx
>>> - clearing the DF bit using a route-map
>>>
>>> vpdn-group commands:
>>> --------------------
>>>
>>> - ip mtu adjust
>>> - ip pmtu
>>>
>>>
>>>
>>> My current LNS config regarding MTU is:
>>> ---------------------------------------
>>>
>>> vpdn-group 1
>>> accept-dialin
>>> protocol l2tp
>>> virtual-template 1
>>> terminate-from hostname LAC
>>> lcp renegotiation always
>>> l2tp tunnel password 7 xxxxxxxxxxxxxxxxxxxxxxxx
>>> ip mtu adjust
>>> .
>>> .
>>> .
>>> interface Virtual-Template1
>>> ip unnumbered Loopback1
>>> ip tcp adjust-mss 1420
>>> ip mroute-cache
>>> peer default ip address pool DSL_POOL1
>>> ppp authentication pap chap
>>> !
>>>
>>>
>>> If anybody could comment on what combination of
>>> commands is best to be used to solve the mtu
>>> problem would be great.
>>>
>>> Christian
>>>
>>>
>>>
>>> _______________________________________________
>>> cisco-bba mailing list
>>> cisco-bba@puck.nether.net
>>> https://puck.nether.net/mailman/listinfo/cisco-bba
>>>

_______________________________________________
cisco-bba mailing list
cisco-bba@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-bba
Re: LAC/LNS --> L2TP MTU issues [ In reply to ]
rodas at rocketmail
Jun 2, 2006, 6:51 PM
Post #3 of 3 (8281 views)
Permalink
Hi Christian.

My first advice is try to enable a bigger (than 1500) MTU between the
LAC and the LNS. That way you can get a bigger payload per packet.

If you can't I recommend what I'm using, so far without any problems:

vpdn-group (no changes regarding mtu's)

virtual template
mtu xxxx
ip tcp adjust-mss zzzz

You can have issues with udp or icmp packets but in my scenario that's
an accepted limitation (usually you won't see "important" traffic with
~1500bytes on udp or icmp over a PPPoX connection, but it's up to you).

Clearing the DF bit works but can bring the 7200-G1 down sooner than you
expect.

When I was working on this mtu issues I've found a nice document that
could help you get the right values (you can always do some math :) and
compare the several options you mention:

http://info.connect.com.au/docs/permconnections/adsl-customer-info.pdf

BTW this is a fine example of Service Provider to Customer technical
support.

Best Regards,

On Mon, 15 May 2006 - 22:57 +0200, Christian Schmit wrote:
> Recently we encountered MTU issues on our
> DSL connections. We run a typical LAC-LNS
> setup with the telco. LAC on the telcos
> side are ERX boxes while the LNS used are
> Cisco7200 with G1.
>
> Affected by the MTU problems were some IPSEC VPNs
> and radius connections.
>
> While browsing through different sample configs
> on the Internet I found the following commands
> to be useful to address the mtu problem.
>
>
> virtual template commands:
> --------------------------
>
> - ip tcp adjust-mss xxxx
> - ppp mtu adaptive
> - ip mtu xxxx
> - mtu xxxx
> - clearing the DF bit using a route-map
>
> vpdn-group commands:
> --------------------
>
> - ip mtu adjust
> - ip pmtu
>
>
>
> My current LNS config regarding MTU is:
> ---------------------------------------
>
> vpdn-group 1
> accept-dialin
> protocol l2tp
> virtual-template 1
> terminate-from hostname LAC
> lcp renegotiation always
> l2tp tunnel password 7 xxxxxxxxxxxxxxxxxxxxxxxx
> ip mtu adjust
> .
> .
> .
> interface Virtual-Template1
> ip unnumbered Loopback1
> ip tcp adjust-mss 1420
> ip mroute-cache
> peer default ip address pool DSL_POOL1
> ppp authentication pap chap
> !
>
>
> If anybody could comment on what combination of
> commands is best to be used to solve the mtu
> problem would be great.
>
> Christian
>
>
>
> _______________________________________________
> cisco-bba mailing list
> cisco-bba@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-bba
>
>
--
Rodrigo Curado
_______________________________________________
cisco-bba mailing list
cisco-bba@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-bba

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal