Date: Mon, 23 Mar 2020 14:17:15 +0700 From: Victor Sudakov <vas@sibptus.ru> To: freebsd-net@freebsd.org Subject: Re: IP MTU on gif and gre interfaces (with and without IPSec encryption) Message-ID: <20200323071715.GB54231@admin.sibptus.ru> In-Reply-To: <20200323050012.GA50490@admin.sibptus.ru> References: <20200323050012.GA50490@admin.sibptus.ru>
index | next in thread | previous in thread | raw e-mail
[-- Attachment #1 --] Victor Sudakov wrote: > > If the MTU on the external Ethernet interface is 1500, it should be safe > to configure the gif(4) interfaces with mtu=1480 and gre(4) > interfaces with mtu=1476, correct? > > I've noticed that a newly created gre0 interface has the expected "mtu 1476" > value, but a newly created gif0 interface has "mtu 1280", why would the > default be so low? > > A second question. If the gif and gre tunnels will be wrapped in > IPSec transport mode, does it make sense to set the MTU on the > corresponding gif and gre interfaces to some lower value? And to make the matter even more mysterious, if_ipsec(4) which is essentially the same as gif, is created by default with mtu=1400 for some reason. -- Victor Sudakov, VAS4-RIPE, VAS47-RIPN 2:5005/49@fidonet http://vas.tomsk.ru/ [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- iQEcBAEBAgAGBQJeeGJ7AAoJEA2k8lmbXsY0CyoH/3Rtm1q5B3WuthzkTX0/1+B0 SjHIAaUxUyajiIN7+E4DuqHRvnLoMwM5omnGFgek7hmbJFhpgIzSKuHjmsCNNHX6 BpmeRS2YFlnucq365nr/5yaRJh3VM0DT+K1LPJ9csa8jkl+SMoheEMPGlRQR5lMY 79rvqCYn4lZ3wZ6dAJw0PhY9nEbsXpIp0RuA87Wa0x+zdZg7pcnXEyGdJxc2u2qz 7D4G8Cw8RdN9lcUDeqvUCc7hG1pl9AP6iz7pTo5WGFbmYJ9c+qSYkb8smFcnx04G IdAN4kR4FBrttamrM/UqhuMkAjNCTAmWwmmVtBmETMftrZCkpp5R7KGQfuIi+ro= =PmYG -----END PGP SIGNATURE-----help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20200323071715.GB54231>