[ previous ] [ next ] [ threads ]
 
 From:  Raphael Maunier <raphael at maunier dot net>
 To:  Aaron with Morad <aaronc at morad dot ab dot ca>, m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Vlan & Mtu problem
 Date:  Mon, 06 Jun 2005 15:51:12 +0200 
Thanks Aaron,

Where did you changed the mtu configuration on Monowall. The only MTU 
you can modify is on the Wan interface.

--
Raphaël
Aaron with Morad wrote:

> I had this same problem when I started using 802.1Q tagging.  It 
> appears that different NICs can packetize the data differently - 
> smaller packets, regardless of the MTU set.  After allowing for the 
> extra overhead of the 802.1Q tags, and a little more, I have been 
> using 1400 in the m0n0wall (no change in the PC's) for a few weeks now 
> and have not had any problems.
>
> Aaron
>
>
>
>
> ----- Original Message ----- From: "Raphael Maunier" 
> <raphael at maunier dot net>
> To: <m0n0wall at lists dot m0n0 dot ch>
> Sent: Monday, June 06, 2005 4:07 AM
> Subject: [m0n0wall] Vlan & Mtu problem
>
>
>> Hi all,
>>
>> I have some pb with Vlan and Monowall.
>>
>> Here is my configuration:
>>
>> Monowall with 3 lan interfaces using 1.2b8
>> - Public
>> - Customers
>> - Backup server
>>
>> All interfaces are connected on a cisco switch.
>> All customers have to be on different subnet and don't have to see 
>> each other.
>> I use 802.1Q on customers interface.
>> Ip configuration is /27 for all Vlan interfaces
>> All Servers are Win2K3.
>>
>> Customers have to connect using PPTP (@home) and Ipsec (@work).
>>
>> Config ot the trunk
>>
>> sh run interface fastEthernet 0/47
>> Building configuration...
>>
>> Current configuration:
>> !
>> interface FastEthernet0/47
>>  description Customers 802.1Q Trunk
>>  switchport trunk encapsulation dot1q
>>  switchport mode trunk
>>  spanning-tree portfast
>> end
>>
>> sh int status | i Fa0/47
>> Fa0/47  Customers 802.1Q T connected    trunk    A-Full   A-100 
>> 100BaseTX/FX
>>
>>
>> For the test, all rules are "accept" between all interfaces. I have 2 
>> W2K3 on 2 differents interfaces.
>> Both servers are able to ping each other. But when I try do use rdp 
>> from one interface to another, it doesn't work, even if I use "Allow 
>> fragmented packets". I also tried with PPTP.
>>
>> I finally sorted out using an MTU of 1468 on the win2K3 srv.
>> I thought that is was the end but into the Ipsec tunnel unable to use 
>> rdp.
>> I changed the MTU from 1468 to 1400 and it's seems to work this way.
>>
>> The problem seems to be located only on Giga Intel card. I tried with 
>> an Via ethernet card and no problem...
>>
>> FYI, I also test this configuration without vlan and only physical 
>> interface with default MTU value and all is ok.
>>
>> How can I be sure that the 1400 value for the Mtu will be the good one ?
>>
>> Thanks.
>>
>> -- 
>> Raphaël Maunier
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>>
>