Configuration Considerations For Pmtud Support; Tunnel Loopback Ports For Gre Tunnels - Brocade Communications Systems FastIron SX 800 Configuration Manual

IPv4 point-to-point GRE tunnels
RFC 1191 describes a method for dynamically discovering the maximum transmission unit (MTU) of an arbitrary internet path. When a
FastIron device receives an IP packet that has its Do not Fragment (DF) bit set, and the packet size is greater than the MTU value of the
outbound interface, then the FastIron device returns an ICMP Destination Unreachable message to the source of the packet, with the
code indicating "fragmentation needed and DF set". The ICMP Destination Unreachable message includes the MTU of the outbound
interface. The source host can use this information to help determine the minimum MTU of a path to a destination.
RFC 4459 describes solutions for issues with large packets over a tunnel. The following methods, from RFC 4459, are supported in
Brocade IronWare software:
• If a source attempts to send packets that are larger than the lowest MTU value along the path, Path MTU Discovery (PMTUD)
can signal to the source to send smaller packets. This method is described in Section 3.2 of RFC 4459.
• Inner packets can be fragmented before encapsulation, in such a manner that the encapsulated packet fits in the tunnel path
MTU, which is discovered using PMTUD. This method is described in Section 3.4 of RFC 4459.
By default, PMTUD is enabled.

Configuration considerations for PMTUD support

Consider the following when configuring PMTUD support.
• On FCX devices, only eight different MTU values can be configured over the whole system. When the SX-FI48GPP module is
installed in the FastIron SX device, the maximum number of different MTU values that can be configured is 16.
• On both FCX devices, and the SX-FI-24GPP, SX-FI48GPP, SX-FI-24HF, SX-FI-2XG, and SX-FI-8XG modules, PMTUD will
not be enabled on the device if the maximum number of MTU values has already been configured in the system.
– When a new PMTUD value is discovered, and the maximum number of different MTU values for the system is already
configured , the new value will search for the nearest, but smallest MTU value relative to its own value in the system. For
example, in a FCX system, the new PMTUD value is 800, and the eight different MTU values configured in the system are
600, 700, 820, 1000, 1100, 1200, 1300, and 1500. The range of MTU values that can be configured is from 576
through 1500. The new PMTUD value 800 cannot be added to the system so the nearest, but smallest MTU value is
used. In this example, the MTU value of 700 is considered as the nearest MTU value already configured in the system.
– When the new PMTUD value is smaller than all of the eight MTU values configured in the system, the PMTUD feature is
disabled for the tunnel, and the value is not added to the system. For example, the new PMTUD value is 620 which is
smaller in value than all of the eight, different MTU path values configured in the system. The following warning message is
displayed on the CLI:
Warning - All MTU profiles us
ed, disabling PMTU for tunnel
tunnel_id
; new PMTU was
new pmtu discovered

Tunnel loopback ports for GRE tunnels

For SX-FI624C, SX-FI624P, SX-FI624HF, and SX-FI62XG modules a physical tunnel loopback port is required for routing a
decapsulated packet. When a GRE-encapsulated packet is received on a tunnel interface, and the packet needs to be decapsulated, the
packet is decapsulated and sent to the tunnel loopback port. The packet is then looped back and forwarded based on the payload
packets.
If a tunnel loopback port is not configured, tunnel termination is performed by the CPU. Each GRE tunnel interface can have one
assigned tunnel loopback port and the same tunnel loopback port can be used for multiple tunnels.
104
FastIron Ethernet Switch Layer 3 Routing
53-1003627-04