IP MTU on gif and gre interfaces (with and without IPSec encryption)
Victor Sudakov
vas at sibptus.ru
Mon Mar 23 09:21:08 UTC 2020
Patrick M. Hausen wrote:
>
> > Am 23.03.2020 um 06:00 schrieb Victor Sudakov <vas at sibptus.ru>:
> > I've noticed that a newly created gre0 interface has the expected "mtu 1476"
> > value, but a newly created gif0 interface has "mtu 1280", why would the
> > default be so low?
>
> gif is frequently used as the innermost encapsulation like in gif tunnel
> across host mode IPsec. Then there might be PPPoE, too. Possibly a
> VLAN tag ...
Please correct me if I'm wrong:
- ESP overhead - 40 bytes
- UDP encapsulation of ESP (udp/4500): 8 bytes
- PPPoE overhead - 8 bytes (?)
- A VLAN tag just increases the max frame size, it does not reduce the IP MTU.
So we could keep the safe default for gif(4) at 1500-40-8-8=1444 bytes.
OK, at 1400 as for if_ipsec. But not at 1280!
> So most probably the idea is to go as low as possible for arbitrary additional
> encapsulations while still satisfying the minimum requirement for IPv6.
>
> For the others: no idea, I guess historical ;-)
Looks like it. But there are times to have a fresh look at things.
--
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
2:5005/49 at fidonet http://vas.tomsk.ru/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-net/attachments/20200323/64fdd68f/attachment.sig>
More information about the freebsd-net
mailing list