Text only | Text with Images

OPNsense Forum

English Forums => General Discussion => Topic started by: random1104 on October 21, 2021, 07:39:25 PM

Title: MTU for VLAN parent device
Post by: random1104 on October 21, 2021, 07:39:25 PM
Hello!,

I'm tagging/untagging on a OPNSense virtual machine. The host is already configured with MTU=9000 which is transfered to the VM NIC too.

I would like to set the MTU for my vtnet0 interface to 1600 bytes to properly pass 1500bytes payload tagged. The only option I can see is the VLAN interface MTU which is already 1500. How can I define the MTU for the parent device?

Title: Re: MTU for VLAN parent device
Post by: random1104 on October 25, 2021, 09:25:22 AM
Well, tested defining an interface for the parent device. Still no joy:

root@vfw02:~ # ifconfig vtnet4
vtnet4: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1600
        options=800a8<VLAN_MTU,JUMBO_MTU,VLAN_HWCSUM,LINKSTATE>
        ether 6e:61:51:08:8c:94
        inet6 fe80::6c61:51ff:fe08:8c94%vtnet4 prefixlen 64 scopeid 0x5
        media: Ethernet 10Gbase-T <full-duplex>
        status: active
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
root@vfw02:~ #
root@vfw02:~ #
root@vfw02:~ # ifconfig vtnet4_vlan91
vtnet4_vlan91: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=80000<LINKSTATE>
        ether 6e:61:51:08:8c:94
        inet6 fe80::6c61:51ff:fe08:8c94%vtnet4_vlan91 prefixlen 64 scopeid 0x14
        inet 172.16.1.3 netmask 0xffffff00 broadcast 172.16.1.255
        inet 172.16.1.1 netmask 0xffffff00 broadcast 172.16.1.255 vhid 68
        groups: vlan
        carp: BACKUP vhid 68 advbase 1 advskew 100
        vlan: 91 vlanpcp: 0 parent interface: vtnet4
        media: Ethernet 10Gbase-T <full-duplex>
        status: active
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>

root@vfw01:~ # ifconfig vtnet4
vtnet4: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1600
        options=800a8<VLAN_MTU,JUMBO_MTU,VLAN_HWCSUM,LINKSTATE>
        ether 72:ee:e4:b0:fa:14
        inet6 fe80::70ee:e4ff:feb0:fa14%vtnet4 prefixlen 64 scopeid 0x5
        media: Ethernet 10Gbase-T <full-duplex>
        status: active
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>


root@vfw01:~ # ifconfig vtnet4_vlan91
vtnet4_vlan91: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=80000<LINKSTATE>
        ether 72:ee:e4:b0:fa:14
        inet6 fe80::70ee:e4ff:feb0:fa14%vtnet4_vlan91 prefixlen 64 scopeid 0x14
        inet 172.16.1.2 netmask 0xffffff00 broadcast 172.16.1.255
        inet 172.16.1.1 netmask 0xffffff00 broadcast 172.16.1.255 vhid 68
        groups: vlan
        carp: MASTER vhid 68 advbase 1 advskew 0
        vlan: 91 vlanpcp: 0 parent interface: vtnet4
        media: Ethernet 10Gbase-T <full-duplex>
        status: active
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>

root@vfw01:~ # ping -D -c 3 -s 1500 172.16.1.3
PING 172.16.1.3 (172.16.1.3): 1500 data bytes
ping: sendto: Message too long
ping: sendto: Message too long
ping: sendto: Message too long

--- 172.16.1.3 ping statistics ---
3 packets transmitted, 0 packets received, 100.0% packet loss


Both are VMs running on top of proxmox, devices seem correct (OVS bridge related):

root@pve01:~# ip addr|grep 1600
116: vmbr1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1600 qdisc noqueue state UNKNOWN group default qlen 1000
124: tap102i4: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1600 qdisc pfifo_fast master ovs-system state UNKNOWN group default qlen 1000
129: tap101i4: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1600 qdisc pfifo_fast master ovs-system state UNKNOWN group default qlen 1000


Any pointers?
Title: Re: MTU for VLAN parent device
Post by: lilsense on October 25, 2021, 09:29:00 PM
why do you believe that either 9K or 15oo is not workingg properly
Title: Re: MTU for VLAN parent device
Post by: allebone on October 25, 2021, 10:04:53 PM
For ping you must remove 18 bytes to test an mtu of 1500 so in your test:

ping -D -c 3 -s 1500 172.16.1.3

This is testing an MTU of 1518.

Please use

ping -D -c 3 -s 1472 172.16.1.3

to test an MTU of 1500.

P
Title: Re: MTU for VLAN parent device
Post by: random1104 on October 26, 2021, 07:18:49 PM
Tried to send 1500 bytes of payload (ping test), which is what the servers expect to send/pass. Hence, the need to set MTU=1600 for the trunk interfaces.
Title: Re: MTU for VLAN parent device
Post by: allebone on October 26, 2021, 09:01:44 PM
I dont understand your reply. Can you repeat the test as I indicated and post the output?
Title: Re: MTU for VLAN parent device
Post by: random1104 on October 28, 2021, 04:38:16 PM
Quote from: allebone on October 25, 2021, 10:04:53 PM
For ping you must remove 18 bytes to test an mtu of 1500 so in your test:

ping -D -c 3 -s 1500 172.16.1.3

This is testing an MTU of 1518.

Please use

ping -D -c 3 -s 1472 172.16.1.3

to test an MTU of 1500.

P

root@vfw01:~ # ping -D -c 3 -s 1500 172.16.1.3
PING 172.16.1.3 (172.16.1.3): 1500 data bytes
ping: sendto: Message too long
ping: sendto: Message too long
ping: sendto: Message too long

--- 172.16.1.3 ping statistics ---
3 packets transmitted, 0 packets received, 100.0% packet loss


root@vfw01:~ # ping -D -c 3 -s 1472 172.16.1.3
PING 172.16.1.3 (172.16.1.3): 1472 data bytes
1480 bytes from 172.16.1.3: icmp_seq=0 ttl=64 time=0.959 ms
1480 bytes from 172.16.1.3: icmp_seq=1 ttl=64 time=0.351 ms
1480 bytes from 172.16.1.3: icmp_seq=2 ttl=64 time=0.319 ms

--- 172.16.1.3 ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.319/0.543/0.959/0.294 ms
Title: Re: MTU for VLAN parent device
Post by: Patrick M. Hausen on October 28, 2021, 04:58:17 PM
Quote from: allebone on October 25, 2021, 10:04:53 PM
For ping you must remove 18 bytes to test an mtu of 1500 so in your test:

ping -D -c 3 -s 1500 172.16.1.3

This is testing an MTU of 1518.

Please use

ping -D -c 3 -s 1472 172.16.1.3

to test an MTU of 1500.

P
While I agree with your reasoning, I like to point out that 1500 - 18 = 1482. One of your numbers is wrong and it is probably not the 1500. ;)
Title: Re: MTU for VLAN parent device
Post by: allebone on October 28, 2021, 10:55:51 PM
oops sorry you are right it is 28 not 18. 20 = ip header and 8 = ICMP header.

Regards the test then it seems you have confirmed the MTU is 1500 and there is no issue?

"root@vfw02:~ # ifconfig vtnet4_vlan91
vtnet4_vlan91: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=80000<LINKSTATE>
        ether 6e:61:51:08:8c:94
        inet6 fe80::6c61:51ff:fe08:8c94%vtnet4_vlan91 prefixlen 64 scopeid 0x14
        inet 172.16.1.3 netmask 0xffffff00 broadcast 172.16.1.255
        inet 172.16.1.1 netmask 0xffffff00 broadcast 172.16.1.255 vhid 68
        groups: vlan
        carp: BACKUP vhid 68 advbase 1 advskew 100
        vlan: 91 vlanpcp: 0 parent interface: vtnet4
        media: Ethernet 10Gbase-T <full-duplex>
        status: active
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>"

relevant info from above = mtu 1500 and IP 172.16.1.3

Test info:
root@vfw01:~ # ping -D -c 3 -s 1472 172.16.1.3
PING 172.16.1.3 (172.16.1.3): 1472 data bytes
1480 bytes from 172.16.1.3: icmp_seq=0 ttl=64 time=0.959 ms
1480 bytes from 172.16.1.3: icmp_seq=1 ttl=64 time=0.351 ms
1480 bytes from 172.16.1.3: icmp_seq=2 ttl=64 time=0.319 ms

Message indeed is received and replied to.

Can you explain further what you want to do? Are you wanting to change this interface to MTU 1600?
Text only | Text with Images