MTU

De ClissXXI.

Les problèmes de MTU, c'est une sombre histoire de taille de paquets IP plus ou moins bien découpés/recollés. Ça nous a bien ennuyés pour configurer un accès VPN - sans réelle solution au final. Quelques notes pour plus tard:

  • on d'un ICMP unreachable, R1 initialise le MTU à 1000-24=976 octets [1]
mturoute.exe -m 1425 10.10.0.1 -> déconnexion
# ICMP payload of 1423 bytes suceeded.
# ICMP payload of 1424 bytes failed..

mturoute.exe -m 1424 10.10.0.1 # -> OK (behind Wanadoo)
  • man iptables: TCPMSS / (usually limiting it to your outgoing interface's MTU minus 40) => where does "40" comes from?
  • my pptpd-options
#MTU stuff
# 1500 is common for PPP
# GRE adds a 24-bit header
# => 1476
# According to my tests (W98+NAT), not higher than 1455.
mtu 1455
mru 1455
#default-mru

# And according to mturoute.exe, my max is 1424 (connection hangs
# whenever I try -m > 1424). Note that the connexion never hangs if I
# set mtu/mru to 1455 (but still fails with ICMP payload of 1424 or
# more).

# 1455 = 1500 - 24 - 20 (ip?) - 1?
# whatever...

# With a W2K behind Free, mturoute reports a max ICMP payload of 1372,
# and a Path MTU of 1400 bytes. No disconnection to report whatever
# the ppp MTU.

# With a W98+QEMU+Free, mturoute reports a max ICMP payload of 1434,
# and a Path MTU of 1462. No disconnection to report whatever
# the ppp MTU.
Outils personnels