VPN tunnel drops fragments

Discussion in 'Cisco' started by profile0104, Nov 20, 2006.

  1. profile0104

    profile0104 Guest

    Hello

    I'm experiencing a strange problem with a GRE over IPSec tunnel between
    two Cisco routers.

    The configuration is tested and has been working for a long time,
    except for a single application. This client-server application works
    on UDP and this is what happens:

    1) app-client generates a 1800 bytes UDP packet
    2) packet is fragmented 1500 + 300 by the first router met
    3) the two fragmented packets (1500 and 300) hit the VPN tunnel
    interface but they don't make it to the other side of the tunnel. It
    looks as they're silently dropped, app-server never sees them.

    The tunnel works in transport mode and ip mtu is set to 1440 bytes, the
    load on the VPN routers is very very low. The tunnel perfectly
    fragments packets bigger than 1440 but smaller than 1500

    Thank you for any advice
    profile0104, Nov 20, 2006
    #1
    1. Advertising

  2. Not sure but maybe this :

    http://www.cisco.com/en/US/products...erence_chapter09186a008042d6e9.html#wp1029667


    "profile0104" <> wrote in message
    news:...
    > Hello
    >
    > I'm experiencing a strange problem with a GRE over IPSec tunnel between
    > two Cisco routers.
    >
    > The configuration is tested and has been working for a long time,
    > except for a single application. This client-server application works
    > on UDP and this is what happens:
    >
    > 1) app-client generates a 1800 bytes UDP packet
    > 2) packet is fragmented 1500 + 300 by the first router met
    > 3) the two fragmented packets (1500 and 300) hit the VPN tunnel
    > interface but they don't make it to the other side of the tunnel. It
    > looks as they're silently dropped, app-server never sees them.
    >
    > The tunnel works in transport mode and ip mtu is set to 1440 bytes, the
    > load on the VPN routers is very very low. The tunnel perfectly
    > fragments packets bigger than 1440 but smaller than 1500
    >
    > Thank you for any advice
    >
    Martin Bilgrav, Nov 20, 2006
    #2
    1. Advertising

  3. profile0104

    profile0104 Guest

    profile0104, Nov 22, 2006
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. a.nonny mouse
    Replies:
    2
    Views:
    1,090
  2. Trouble
    Replies:
    0
    Views:
    609
    Trouble
    Aug 4, 2006
  3. Trouble
    Replies:
    1
    Views:
    533
  4. garywi

    Wireless Connection Drops, then connects, drops...

    garywi, Feb 12, 2009, in forum: Wireless Networking
    Replies:
    1
    Views:
    665
    Robert L. \(MS-MVP\)
    Feb 12, 2009
  5. ankitm
    Replies:
    0
    Views:
    2,567
    ankitm
    Apr 26, 2009
Loading...

Share This Page