> -----Urspr|ngliche Nachricht----- > Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > Im Auftrag von George Paschos > Gesendet: Donnerstag, 6. Mdrz 2008 11:47 > An: misc@openbsd.org > Betreff: Regarding MTU values on 802.1q trunked physical > interfaces (and more) > > Hello all, > > I am a bit confused regarding the MTU value of the physical ethernet > interfaces when there are vlan child interfaces configured, > in regard to > avoid unneeded fragmentation: > > "ifconfig" shows an MTU of 1500 for both the parent and the vlan > interface. Should I increase by hand the mtu of the physical parent > interface to accommodate the extra bytes for the vlan tags or this is > taken care from the operating system someway when you define > a physical > interface as parent to a vlan one? > > Also as an extension to the previous question: > When using IPSEC tunnels under openbsd, is there a need to > increase the > physical interface's MTU to accommodate ipsec overhead? And > if yes, what > would be that "magic" value from your experience? > enc0 reports an MTU of 1536 which sounds logical, but that wouldnt > prevent fragmentation if the interface that the ipsec traffic > originates/terminates is at 1500. > Ofc regarding the above, the rest of networking equipment between the > ipsec endpoints (switches, routers, etc) has been configured to handle > correctly the bigger mtu values. > > Thanks in advance on any insight > > Regards, > George > >
Hello, AFAIK the VLAN "overhead" should be handled by your nic (driver) - the mtu set to 1500 is the packet size without (jumbo frame) extensions - my understanding is, that it is the same for ipsec - as long as the frame that should go through the tunnel has a size <= 1500 fragmentation will not take place, the ipsec interface itself need the overhead (1536 - 1500) for the ipsec tunnel. You see the difference because it's software, not nic/driver ... Correct my, if I'm wrong ... ;) Regards Hagen Volpers P.S.: Sorry for my bad english ...
