On Fri, Jul 27, 2018 at 6:32 AM, Mikael Abrahamsson <swm...@swm.pp.se> wrote: > On Fri, 27 Jul 2018, Ole Troan wrote: > >> There's nothing intrinsic in tunnels that require network layer >> fragmentation. The current IP in IP / GRE etc tunnel implementations do, but >> in principle we could design tunnel fragmentation/reassembly above the >> network layer.
GUE defines that. Fragementation is done within the encapsulation layer so that it is transparent to the network. > > > This is what I do with OpenVPN for instance. I tell it to application layer > fragment at ~1400 bytes, so the resulting packets always are significantly > below 1500 bytes. So even as the inside of the tunnel is 9000 MTU clean, it > never results in IP fragments to be transported. > I don't think that can be called a general approach. Setting MTU to 1400 bytes only avoids fragmentation if all the tunnel headers being inserted are less than 100 bytes. If you start using more tunnel options or the tunnel ingress inserts extension headers then that 100 byte budget may be exceeded may be exceeded. So a requirement to avoid fragmentation in this manner would have to be that the MTU needs to be low enough to account for all possible encapsulation overhead that may be applied to a packet-- the emerging use of in-situ OAM, segment routing, and even just switching from IPv4 to IPv6 for the underlay puts downward pressure on MTUs. Lowering the MTU increase ratio of overhead to user data thus making communications less efficient. Fragmentation for tunneling is a special case since tunnels are often used within a controlled network and precisley two fragments are always generated. I know of at least one very large data center that relies on fragmentation for tunneling. It seems to work fine in such an environment and is preferable to lowering the MTU for everyone (even non-tunnels) or turning on jumbo frames (complex to do at large scale). Tom > -- > Mikael Abrahamsson email: swm...@swm.pp.se > > _______________________________________________ > Int-area mailing list > Int-area@ietf.org > https://www.ietf.org/mailman/listinfo/int-area _______________________________________________ Int-area mailing list Int-area@ietf.org https://www.ietf.org/mailman/listinfo/int-area