GRE Ethernet tunnel and MTU

Posted by Benoit Papillault on Nov 18, 2009 in Linux |
Subscribe

After creating a GRE Ethernet tunnel, it seems important to understand how encapsulation affects MTU along with some common pitfalls when using GRE Ethernet tunnel in Linux.

Creating a GRE Ethernet tunnel involves few steps describe in another post : Using GRE Ethernet tunnel

A first pitfall is that you need to make sure that your kernel includes a patch from Herbert Xu  dated 2009-10-30 (this patch has been published since my last post, this is really incredible!). Without this patch, you should have noticed that your GRE interfaces did not have a proper MAC broadcast address.

Without the patch (2.6.32-rc5-wl kernel)  :

# ip link show mygre0
5: mygre0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
 link/ether c0:a8:01:45:78:75 brd c0:a8:01:37:ff:ff

With the patch (2.6.32-rc6-wl kernel) :

# ip link show mygre0
7: mygre0@NONE: <BROADCAST,MULTICAST> mtu 1462 qdisc noop state DOWN qlen 1000
 link/ether 1a:04:03:bb:e7:9f brd ff:ff:ff:ff:ff:ff

Once this problem has been solved, let’s go back to the MTU subject. By definition, MTU is the Maximum Transmit Unit size in bytes of an IP datagram. A common value used for IP over Ethernet is 1500 bytes. But since GRE is using encapsulation, if we start with an outer IP packet of 1500 bytes, we need to removes 20 bytes by the outer IP header, then 4 bytes required by GRE header, then 14 bytes required by Ethernet (2 MAC addresses of 6 bytes + 2 bytes for the EtherType field). All in all, we removed 38 bytes, leading to an inner IP packet of 1500 – 38 = 1462 bytes. This value is indeed the default MTU of our newly created GRE interface.

Now, we want to put this new GRE interfaces into a bridge, in order to be able to bridge two Ethernet LAN. Since the default MTU over Ethernet is 1500, we want to create a bridge interface (br0) with an MTU of 1500 bytes. To do so, each interfaces inside the bridge must also have a 1500 bytes MTU. As such, we need to increase the GRE MTU to 1500.

If we simply do so, a simple ping will work since it’s a small packet. But tracepath is not working since this tools is sending 1500 bytes packets (in order to discover the real path MTU) and for some reason, packets are not fragmented at all. A quick and dirty solution was to increase the Wireless interface MTU to 1538 bytes since in my case, the GRE tunnel was over a single Wireless link.

 

Comments are closed.

© 2024 Blog de Benoit Papillault ! Theme : Laptop Geek - Réalisation : BenoitDuWeb - Mentions légales