From owner-freebsd-net@freebsd.org Mon Mar 23 05:00:21 2020 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id B045A2788BC for ; Mon, 23 Mar 2020 05:00:21 +0000 (UTC) (envelope-from vas@sibptus.ru) Received: from admin.sibptus.ru (admin.sibptus.ru [IPv6:2001:19f0:5001:21dc::10]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 48m2J44dMwz4Y40 for ; Mon, 23 Mar 2020 05:00:20 +0000 (UTC) (envelope-from vas@sibptus.ru) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sibptus.ru; s=20181118; h=Message-ID:Subject:To:From:Date:In-Reply-To; bh=VfEnOLRWTsu6LJnGc4G4/os8GgTKfLzV9yHjkwL9leo=; b=XXmqMN8MrINEBRtRn3F+m1xXOp KnVZrkpSYQYfOXVZ2OI957Xd1LU0RqiihhjepbhcS3fgqoeEMi2ggWkck3nGPQj3vTGuzPzaAe9JK Dqo//aMpCT5Xri4LgjOUM0GwL4LtZ6VL6WdIdHWuEpgyw2rP4MtEsMuv6CbFUjiZHD7A=; Received: from vas by admin.sibptus.ru with local (Exim 4.93.0.4 (FreeBSD)) (envelope-from ) id 1jGFC8-000DB6-Sa for freebsd-net@freebsd.org; Mon, 23 Mar 2020 12:00:12 +0700 Date: Mon, 23 Mar 2020 12:00:12 +0700 From: Victor Sudakov To: freebsd-net@freebsd.org Subject: IP MTU on gif and gre interfaces (with and without IPSec encryption) Message-ID: <20200323050012.GA50490@admin.sibptus.ru> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="zYM0uCDKw75PZbzx" Content-Disposition: inline X-PGP-Key: http://admin.sibptus.ru/~vas/ X-PGP-Fingerprint: 10E3 1171 1273 E007 C2E9 3532 0DA4 F259 9B5E C634 X-Rspamd-Queue-Id: 48m2J44dMwz4Y40 X-Spamd-Bar: -------- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=sibptus.ru header.s=20181118 header.b=XXmqMN8M; dmarc=pass (policy=none) header.from=sibptus.ru; spf=pass (mx1.freebsd.org: domain of vas@sibptus.ru designates 2001:19f0:5001:21dc::10 as permitted sender) smtp.mailfrom=vas@sibptus.ru X-Spamd-Result: default: False [-8.46 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-0.996,0]; R_DKIM_ALLOW(-0.20)[sibptus.ru:s=20181118]; FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+mx]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.20)[multipart/signed,text/plain]; TO_DN_NONE(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; RCPT_COUNT_ONE(0.00)[1]; IP_SCORE(-3.36)[ip: (-9.89), ipnet: 2001:19f0:5000::/38(-4.94), asn: 20473(-1.94), country: US(-0.05)]; DKIM_TRACE(0.00)[sibptus.ru:+]; DMARC_POLICY_ALLOW(-0.50)[sibptus.ru,none]; SIGNED_PGP(-2.00)[]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; RCVD_TLS_LAST(0.00)[]; ASN(0.00)[asn:20473, ipnet:2001:19f0:5000::/38, country:US]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 23 Mar 2020 05:00:21 -0000 --zYM0uCDKw75PZbzx Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Dear Colleagues, If the MTU on the external Ethernet interface is 1500, it should be safe to configure the gif(4) interfaces with mtu=3D1480 and gre(4) interfaces with mtu=3D1476, correct? I've noticed that a newly created gre0 interface has the expected "mtu 1476" value, but a newly created gif0 interface has "mtu 1280", why would the default be so low? A second question. If the gif and gre tunnels will be wrapped in IPSec transport mode, does it make sense to set the MTU on the corresponding gif and gre interfaces to some lower value? --=20 Victor Sudakov, VAS4-RIPE, VAS47-RIPN 2:5005/49@fidonet http://vas.tomsk.ru/ --zYM0uCDKw75PZbzx Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEcBAEBAgAGBQJeeEJcAAoJEA2k8lmbXsY0L7gH/28dlW0TzJvrYCimZPgvq9UP X4/ur29r5M0IH4WldQfSIm1uoMjB7I4LallXU12K27RTsZcXwUBwHzjINaWMsNbi Jj1b1bAA0DdiDCLQeeJ1nWSMX/GYRq2cd9NR/AFJ8SQyZQxoiCk7OcRkwbc7eS9p FQ9Cqf/oBaEGcgtjUOcHs+Ahv1EM4nFF1qkgdXsGiCrugQ7nr9yt2ZI/3SCui+e8 H3bFqgYfE1El0skJ9kYNlv1vC5XpKvwXGdIy5l22ZTZ1igueajDr9V3L79ObIluI nVHiieTSaDewhVJgthhAGj4pF8BkeDyk0xwnHEMGlbDLm6trvKYgfDYPViALm68= =21Ty -----END PGP SIGNATURE----- --zYM0uCDKw75PZbzx--