diff options
author | Christian Breunig <christian@breunig.cc> | 2023-11-22 10:52:40 +0100 |
---|---|---|
committer | Christian Breunig <christian@breunig.cc> | 2023-11-22 10:52:40 +0100 |
commit | 4a163b016333e58fee9d6ec6b53a09e0160b3213 (patch) | |
tree | b8b8d45a498156daa810ef937e8c2689a91ef02b /data/templates/firewall | |
parent | 00a28fe512ccb56f4ca57d18c2613ac47242a66d (diff) | |
download | vyos-1x-4a163b016333e58fee9d6ec6b53a09e0160b3213.tar.gz vyos-1x-4a163b016333e58fee9d6ec6b53a09e0160b3213.zip |
vxlan: T5759: change default MTU from 1450 -> 1500 bytes
Found an odd behavior on Linux and the VyOS CLI implementation. If adding VXLAN
interfaces using iproute2 the MTU differs depending on the creation syntax:
ip -4 link add vxlan100 type vxlan dstport 4789 external df unset tos inherit \
ttl 16 nolearning vnifilter local 172.16.33.201
ip -4 link add vxlan200 type vxlan id 200 dstport 4789 local 172.16.33.201 dev eth0
ip -6 link add vxlan300 type vxlan id 300 dstport 4789 local 2001:db8:1::1 dev eth0
132: vxlan300: <BROADCAST,MULTICAST> mtu 1430 qdisc noop state DOWN group default qlen 1000
link/ether 4e:fb:e3:f5:d9:59 brd ff:ff:ff:ff:ff:ff
133: vxlan200: <BROADCAST,MULTICAST> mtu 1450 qdisc noop state DOWN group default qlen 1000
link/ether 0e:4e:f4:76:59:3f brd ff:ff:ff:ff:ff:ff
134: vxlan100: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether ba:b6:b7:0c:b1:37 brd ff:ff:ff:ff:ff:ff
VyOS always sets a default MTU of 1450 bytes which is correct for IPv4 p2p links
or multicast, but invalid for IPv6 p2p. Also this will break EVPN deployments
as ethernet bridges with MTU < 1500 bytes are less fun.
Increase default MTU to 1500 bytes. Migrate old configurations to use 1450
bytes if not specified otherwise on the CLI.
Diffstat (limited to 'data/templates/firewall')
0 files changed, 0 insertions, 0 deletions