Can you post the output from these commands to elaborate an answer based on them?
> show configuration interface [VLAN_INTERFACE]
> show interfaces externsive [VLAN_INTERFACE]
Physical interface: vlan, Enabled, Physical link is Up Interface index: 133, SNMP ifIndex: 506, Generation: 136 Type: VLAN, Link-level type: VLAN, MTU: 9000, Clocking: Unspecified, Speed: 2000mbps Device flags : Present Running Link type : Full-Duplex Physical info : Unspecified Hold-times : Up 0 ms, Down 0 ms Current address: 28:8a:1c:40:15:10, Hardware address: 28:8a:1c:40:15:10 Alternate link address: Unspecified Last flapped : 2018-08-27 22:18:21 PDT (2d 06:00 ago) Statistics last cleared: Never Traffic statistics: Input bytes : 1125134517 4312 bps Output bytes : 35602136591 3384 bps Input packets: 14287984 8 pps Output packets: 25756930 3 pps Input errors: Errors: 0, Drops: 0, Framing errors: 0, Runts: 0, Giants: 0, Policed discards: 0, Resource errors: 0 Output errors: Carrier transitions: 0, Errors: 0, Drops: 0, MTU errors: 0, Resource errors: 0
Logical interface vlan.0 (Index 87) (SNMP ifIndex 507) (Generation 154) Flags: SNMP-Traps 0x0 VLAN-Tag [ 0x8100.3 ] Encapsulation: ENET2 Bandwidth: 0 Traffic statistics: Input bytes : 427688405 Output bytes : 12884733722 Input packets: 3842216 Output packets: 9751930 Local statistics: Input bytes : 15372726 Output bytes : 9436920 Input packets: 188994 Output packets: 44567 Transit statistics: Input bytes : 412315679 1720 bps Output bytes : 12875296802 1096 bps Input packets: 3653222 2 pps Output packets: 9707363 1 pps Security: Zone: trust Allowed host-inbound traffic : bootp bfd bgp dns dvmrp igmp ldp msdp nhrp ospf ospf3 pgm pim rip ripng router-discovery rsvp sap vrrp dhcp finger ftp tftp ident-reset http https ike netconf ping reverse-telnet reverse-ssh rlogin rpm rsh snmp snmp-trap ssh telnet traceroute xnm-clear-text xnm-ssl lsping ntp sip dhcpv6 r2cp Flow Statistics : Flow Input statistics : Self packets : 197815 ICMP packets : 502 VPN packets : 0 Multicast packets : 206288 Bytes permitted by policy : 347231174 Connections established : 62905 Flow Output statistics: Multicast packets : 0 Bytes permitted by policy : 11010156755 Flow error statistics (Packets dropped due to): Address spoofing: 0 Authentication failed: 0 Incoming NAT errors: 373 Invalid zone received packet: 0 Multiple user authentications: 0 Multiple incoming NAT: 0 No parent for a gate: 0 No one interested in self packets: 0 No minor session: 0 No more sessions: 0 No NAT gate: 0 No route present: 2679 No SA for incoming SPI: 0 No tunnel found: 0 No session for a gate: 0 No zone or NULL zone binding 0 Policy denied: 0 Security association not active: 0 TCP sequence number out of window: 32 Syn-attack protection: 0 User authentication errors: 0 Protocol inet, MTU: 8982, Generation: 171, Route table: 0 Flags: Sendbcast-pkt-to-re Addresses, Flags: Is-Preferred Is-Primary Destination: 192.168.1/24, Local: 192.168.1.1, Broadcast: 192.168.1.255, Generation: 240 Protocol inet6, MTU: 8982, Generation: 172, Route table: 0 Flags: User-MTU Addresses, Flags: Is-Preferred Destination: fe80::/64, Local: fe80::x:xxxx:xxxx:xxxx Generation: 246
I changed my mtu to a different value, i could not match the ipv6 with the base
interface mtu. vlan mtu vs. vlan.0 ipv6 mtu . Says ipv6 number must not be greater
than vlan mtu. Any comments about the rest is appreciated. I also want to know if
1536 on other devices is adviseable? I.E. , 1536 * 6 = 9216 . Wireless AP's are the
I believe we need to start by defining MTU, which is not other thing than the size of the packets/frames that can be received or sent over a logical/physical interface. Note that the size will depend on the fact that we are talking about frames (at layer 2) or packets (at layer 3); this is why I stated that the MTU is the size of the packet/frame that a logical/physical interface can process.
When a host will be sending data, it will be encapsulated in a way similar to this one:
DATA + L4 Header + L3 Header + L2 Header (TCP/UDP) (IP) (ETHERNET)When the MTU related to the logical interface (aka Protocol MTU) is calculated, we are talking about the size of the IP packets that the interface can process. This value includes the size of the data being sent (the payload) plus the L4 and L3 headers' size. Note that the L2 header size is not taken in to consideration. For regular Ethernet networks generally this protocol MTU is 1500 bytes:
PAYLOAD (1460Bytes)+ TCP Header (20 bytes)+ IP Header (20 bytes)= A packet (1500 bytes)
When the MTU related to the physical interface (aka Interface MTU) is calculated, we are talking about the size of the frames that the interface can process. This counts the amount of data being sent plus the L4, L3 and L2 headers. For instance a regular Ethernet frame has a size of 1518bytes:
PAYLOAD (1460Bytes)+ TCP Header (20 bytes)+ IP Header (20 bytes)+ Ethernet Header (18 bytes)= A frame (1518 bytes)
Now we can understand why we see more than one MTU value in the "show interfaces extensive" output for the same interface:
Logical interface vlan.0 Protocol inet, MTU: 8982 <<<<< Protocol MTUs Protocol inet6, MTU: 8982
Physical interface: vlan Link-level type: VLAN, MTU: 9000 <<<<< Interface MTU
Note that the Interface MTU is 18bytes bigger than the Protocol MTU because the first one takes in to consideration the Ethernet header size.
Knowing the above information, now lets review your questions:
Q.I have noticed that when you set up your vlan interface , a default mtu is set. Vlan mtu equals 9192. When I added ipv6 addressing I think I set it to 9174. Must have been default, I don't remember. Is it better to match these two numbers?
A/ You wont be able to match them. One represents the size of the packets (Protocol MTU, a L3 concept) and the other one the size of the frames (Interface MTU, a L2 concept). The last one includes 18 more bytes than the first one.
Q.What are the implications of setting them the same as opposed to a little different like they currently are?
A/ A packet of a size of 1500 bytes can be sent over a logical interface that has a Protocol MTU of 1500. But when the Ethernet header is added, that packet becomes a frame of 1518 bytes, and having a physical interface configured with a Interface MTU of 1500 will avoid/prevent that 1518 frame to be sent. This is why when you manually set the Protocol MTU, the Interface MTU will automatically change to a value 18ytes bigger.
Q. I changed my mtu to a different value, i could not match the ipv6 with the base interface mtu. vlan mtu vs. vlan.0 ipv6 mtu. Says ipv6 number must not be greater than vlan mtu
A/ They are never supposed to be the same. The interface MTU will be normally (if not always) 18bytes bigger than the protocol MTU because while the protocol MTU talks about packets' sizes, the interface MTU talks about frames' sizes that include the 18 more bytes of the Ethernet header.
Q. 1536 on other devices is advisable?
R/ You have to understand if you are configuring Protocol or Interface MTU. Lets say you are configuring the Protocol MTU (defining the size of the packets that can be sent by a logical interface). If the SRX will send a packet size of 8982 bytes, after this packet gets encapsulated at L2 (an Ethernet header of 18 bytes will be added), the size of the resulting frame will be of 9000bytes. The sending physical interface should have a Interface MTU of 9000, else it will drop that frame because it exceeds the size of the frames that the interface can send.
Once the 9000 bytes frame reaches the remote physical interface, it will be accepted only if the remote physical interface has a Interface MTU of 9000 or higher. Once the Ethernet header is removed, we will have a 8982 bytes packet, that could be accepted/processed only if the logical interface has a Protocol MTU of 1500 or higher.
I hope that the above information helps you.