However, in practice, the external interface will usually be a regular Ethernet interface supporting up to 1500 bytes MTU (sometimes even less, e.g., PPPoE on the Security Gateway, or on the next hop router). If the link of the external interface of a Security Gateway - on which the encapsulated packets will be transmitted - would have MTU large enough to compensate for the encapsulation overhead, then the encapsulated big packets will be forwarded, and there would be no fragmentation issues. MTU on the path may be lower (due to the tunnel overhead), than what is configured on their local interfaces (usually client and server will have Ethernet interface with MTU of 1500 bytes). The issue occurs when the server or the client send relatively big packets as they are not aware of the MTU on the path. When tunneling IP packets, there is an inherent MTU and fragmentation issue.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |