9000 MTU WAN
-
I have a special case in a datacenter and my WAN is 9000 MTU and all the way through routers within datacenter, they all are 9000 MTU
Do I have to set my LAN also to 9000 MTU? I have LAN on default 1500 MTU but it's acting up, I have packet drops and things like that. Am I missing something here? Should I set LAN to 9000 MTU as well?
-
Ideal is to have the same MTU all the way from host to host.
-
@andyrh True, but if I don't set LAN MTU and guest VM's MTU to 9000, it should still work fine?
-
Yeah, if you have incoming connections from WAN to LAN at 9000B you should have the LAN set as that also.
Packet captures would show it.Steve
-
@stephenw10 I'm mainly having connection issues from inside LAN to outside, especially on small SSL connections
-
Run a pcap on the WAN and see what's happening. If path-mtu is not working as expected and replies are coming back in oversized packets with do-not-fragment set they would be dropped.
Steve
-
@stephenw10 Ok, how about VPN interfaces, I have OpenVPN and wireguard, I don't have to touch those or set those to 9000, right?
-
I would not expect so since the hosts using those at each end are presumably using 1500.
-
You can have whatever MTU you wish on your LAN, as IP is designed to work over different MTU, provided everything thing on a subnet is at the same MTU. Fragmentation (IPv4 only) and Path MTU Discovery (PMTUD) will be used fit the packets to a MTU. However, if you can manage 9000 on your LAN, then that would be best. However, you won't be able to use WiFi on that LAN as it supports a maximum MTU 2304 bytes. Also, where is your LAN compared to the data centre? If you have to connect to it via the public Internet, then you're still going to be limited to 1500. I believe Internet 2 supports 9000 MTU.