Hello Morne,
The short answer is yes you are right: you should be able to send your 1600-byte DF-set packets end to end. Since the transit MTU over the fabric has been discovered to be 1998, your 1600-byte packet will be sent without fabric fragmentation. There is no additional configuration required: discovered MTU supersedes configured MTU automatically.
Fabric fragmentation and reassembly comes into play when the fabric packet exceeds the egress MTU, whether that MTU is configured or discovered. The fragmentation algorithm is very similar to standard IPv4 fragmentation, but expanded to accommodate for limitations in RFC 791. Be aware that LAN-side packets, once encapsulated in the fabric, can expand due to encryption, HMAC digest addition, and metadata addition. Once reassembled, the original packet is restored.
Path-mtu-discovery is designed to override configured (or default) MTU. The reason for this is that if the discovered MTU is smaller than the configured one, traffic can be silently dropped along the fabric path (ICMP destination-unreachable packets may be generated) and that is very hard to diagnose. Conversely, if the discovered MTU is larger than the configured one, why not use it?
Regards,
------------------------------
Dennis G Montgomery
Principal Software Engineer
MA
(781) 203-8378
------------------------------
Original Message:
Sent: 06-25-2019 11:19
From: Morne Vermeulen
Subject: Fabric Fragmentation and MTU
Hi All,
I would like to know how the fabric fragmentation works and how a network-interface MTU configuration affects this feature.
Currently I have a LAN and WAN interface for 2 routers which peer with each other. LAN MTU on both interfaces are configured as 1600, and WAN is configured as 1500 (left as default). When I enable path-mtu-discovery for the neighborhood used to facilitate the peering, I get a maximum path MTU of 1998.
In this case, does the network-interface MTU get overwritten for traffic between these two peers? Technically if I generate traffic on the LAN side of router-1, destined for a service on the LAN side of router-2 (with DF bit set), I should theoretically be able to send 1600 byte packets end to end, correct?
Also - is there something I need to enable in configuration for path-mtu to be taken into account, or does that happen automatically?
Regards
------------------------------
Morne Vermeulen
Core Engineer
+27 (0) 10 141 8512
------------------------------