Date: Fri, 28 Jan 2005 16:50:26 -0500 From: Michael E.Conlen <meconlen@obfuscated.net> To: Chuck Swiger <cswiger@mac.com> Cc: FreeBSD Mailing List <freebsd-questions@freebsd.org> Subject: Re: pf and different MTUs Message-ID: <39eb5cf34159845c32f463933f35f16e@obfuscated.net> In-Reply-To: <41FAB04E.9080606@mac.com> References: <7dafe99c9578eecb24e826dc7226278b@obfuscated.net> <41FAB04E.9080606@mac.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Jan 28, 2005, at 4:36 PM, Chuck Swiger wrote: > Michael E.Conlen wrote: >> I'm using FreeBSD and PF as a firewall between two networks. I want >> to change the MTU on one network to 9k but I have to leave the MTU on >> the other network at 1500 bytes. Will the system handle the >> fragmenting for me going from the larger MTU to the smaller? > > Sure. However, if you have a lot of traffic using jumbo frames going > over that 1500 MTU segment, you might be better off using an MTU of > 1500 everywhere. > At least half the traffic I use now doesn't go over that link and would benefit from the larger MTU. In addition I'm constrained on resources for those servers where as I can add additional firewalls without great expense. On the other side there is a good bit of traffic going over those links that would use jumbo frames but not all of it would. In addition the cost of using two separate networks for the traffic would be more than adding two more firewalls (based on the cost of doubling the number of ports) so I'm figuring this is the way to go. Thanks.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?39eb5cf34159845c32f463933f35f16e>