GOT MTUs?

**AUFWGURU** · 09-28-2016, 11:15 PM

Physical Interface (Currently TRUNKED interface to my (L2)Switch<Cisco 3750G>):
FGT-90D (internal1) # sh full | grep "set mtu"
set mtu-override enable
set mtu 9208 <-WHOOHOO JUMBOS!

Virtual VLAN interface:
FGT-90D (LANNET_VLAN9) # set mtu
<integer> Maximum transmission unit(68-1500)

My manual settings:
FGT-90D (LANNET_VLAN9) # sh full | grep "set mtu"
set mtu-override enable
set mtu 9028 <-WTF??? Yes Jumbos/No Jumbos??

Ping results using 8000 bytes:
C:\Users\amnesia>ping -l 8000 (com'on big packets!) 10.10.9.254 VLAN9 Sub interface on FG90D

Pinging 10.10.9.254 with 8000 bytes of data:
Request timed out. <-LIES
Request timed out. <- LIES
Request timed out. <- LIES
Request timed out. <- LIES

Ping statistics for 10.10.9.254:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

Ping results using 1390 bytes: >1500Bytes
C:\Users\amnesia>ping -l 1390 10.10.9.254 VLAN9 Sub interface on FG90D

Pinging 10.10.9.254 with 1390 bytes of data:
Reply from 10.10.9.254: bytes=1390 time<1ms TTL=255 <- NO JUMBO FOR YOU!
Reply from 10.10.9.254: bytes=1390 time<1ms TTL=255 <- NO JUMBO FOR YOU!
Reply from 10.10.9.254: bytes=1390 time<1ms TTL=255 <- NO JUMBO FOR YOU!
Reply from 10.10.9.254: bytes=1390 time<1ms TTL=255 <- NO JUMBO FOR YOU!

Ping statistics for 10.10.9.254:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

Moral of Story:
Only Physical interfaces ( this has only been verfied on my FW90D v.5.4.1 have not verified on anything else) will support Jumbo frames, virtual/sub interfaces only support standard 1500 MTU packets.. SAD DAY.

**FortinetGURU** · 09-29-2016, 04:07 PM

Sorry dude. I would have told you had you asked haha. Would have saved you a little time. I probably wouldn't have remembered until I read this though.

**AUFWGURU** · 09-29-2016, 05:55 PM

Yea, looks like I will be moving away from the VLAN interfaces and using physical ones. I wonder, just how much overhead on the FGT using vlan interfaces actually causes.

**AUFWGURU** · 10-01-2016, 01:54 PM

Well, changed all my sub-interfaces to physical interfaces and now all my Jumbos belong to me!! Woot!

**FortinetGURU** · 11-01-2016, 11:13 AM

Nice fix. It is annoying to have to do that but it is what it is.

**CyberNorris** · 11-23-2016, 04:32 PM

My understanding is MTU on a virtual or sub interfaces must match the MTU of the physical interface.

I ran into this with a P2P circuit that required a slightly smaller MTU because of an IPSec tunnel. We had to set MTU on each physical interface and virtual interface as well as each SSID.

Thread: GOT MTUs?

Thread Tools

Search Thread

Display

GOT MTUs?

Tags for this Thread

Posting Permissions