On 10/28/2013 02:29 PM, Paul Theodoropoulos wrote:
On 10/25/13, 11:18 AM, Thomas Stokkeland wrote:
If you are not doing SAN stuff, or very large file transfers within
the collision domain - enabling Jumbo is likely to cause a crappier
performance than leaving it at the standard 1500MTU - because, the
router or receiving device will tell the sender to fragment, your
packet will be split in half, this retransmit attempt will happen
several times till the MTU is met - then as the "knowledge" of this
expires your device will have to do that over and over.. causing a ton
of extra traffic on your network.. so, if you don't have a requirement
to use large MTU, then turn it off - i suspect there are mechanisms in
the vpn software that either ignores large packets (because they are
not to be routed) or just can't handle fragmentation at that level
That makes sense - thanks for the explanation. I suffer the "If an
optional value is bigger, it must therefore be better/faster/more, so I
need to use it" syndrome.
Hi Paul,
Along with what Thomas said, a lot of firewalls simply drop fragmented
packets (in general, not specific to jumbo frames).
When they do try to do reassembly, I've seen errors related to what
essentially seems to checksum failures (bad SPI I think). Furthermore,
a bunch of fragmented packets will lead to a higher possibility of
out-of-order or lost packets, which will could also mess up the
reassembly process and will definitely negatively affect performance.
_______________________________________________
vpn-help mailing list
[email protected]
https://lists.shrew.net/mailman/listinfo/vpn-help
