Setting MTU to a lower value ... what other impact ?

Setting MTU to a lower value ... what other impact ?

Post by noon » Thu, 29 Jul 2004 16:58:44



I have Solaris8 installations on SPARC in a co-location site behind a CheckPoint FW-1 VPN.
To access these hosts, one has to use CheckPoint SecureRemote.

Now within the VPN tunnel, when doing an initiating an FTP download or scp download from windows, the download completes.
But when doing an FTP upload / scp upload from windows to the Solaris hosts, the upload fails.

The eventual solution was to change the MTU setting on the Solaris host from 1500 to 1400.
This MTU setting was not changed on all the Solaris hosts on the data centre.

Is there any adverse impact from reducing the MTU?

 
 
 

Setting MTU to a lower value ... what other impact ?

Post by Anton Ran » Thu, 29 Jul 2004 23:21:31



> The eventual solution was to change the MTU setting on the Solaris
> host from 1500 to 1400.

> Is there any adverse impact from reducing the MTU?

It will slow down any TCP/IP transfers (well, at least those which are
larger than 1400 bytes) slightly.

Anton

 
 
 

1. NAT and ISP problem: lowering mtu and disabling ECN did not solve

Good morning, I'm Giacomo Strangolino from Italy.

I posted some days ago a problema about NAT and Internet Service Provider
problems:

I finished developing an ipv4 forewall with NAT/MASQUERADING and have been
testing it
for some time with success connecting from home to my ISP named "libero".

Then i changed ISP to another one, called "telecom" and with great surprise
i discovered that
images from sites and also sites failed to load.

So now, when i call an ISP all works fine, when i call the other, things go
wrong.

I NAT machines behind my firewall changing only ips and ports, and
recalculating checksum (ip and tcp/udp)
to adjust such changes.
I do not touch any other field as window size or seq number or ack, since
the only things i manipulate are
addresses and ports.

I was wondering what i could do to solve, since iptables and ipfw+natd on
freeBSD or winXP sp2 work fine
with this ISP...

Tweaking with ethereal i found that probably sometimes a tcp segment gets
lost.

 * Thanks to news help, i tried to lower MTU and to disable ECN, but the
problem persists. *

My firewall is a 2.6.12 kernel module which registers with netfilter hooks.
A userspace program sends rules to
kernel via netlink.

I thank anyone who could help me find the way to fix the problem or
understand what could be wrong with an
ISP network and anyway work fine with the other.

Thanks a lot

Giacomo S. Udine, Italy

2. binutils

3. TCP delays when switching to lower MTU/MSS on Solaris 2.5.1

4. How to read the IP address

5. Lower MTU LIMIT? (RH4.0) was FTP hanging.

6. lilo on w95

7. what is impact of high xcal value in mpstat

8. Newbie Install

9. TCPIP: How to lower the timeout value for waiting for a DNS?

10. Cron lowering nice value of jobs run

11. lower nice value sans asroot

12. How to get MTU value?

13. How to modify MTU value under DIP slip mode ?