I’m new to VyOS and struggling to do the following. I have VyOS installed in a VMware VM with 2 NIC’s connecting two separates networks. Now, I would like to keep the MTU value of 1500 for one NIC but reduce the MTU to say 700 for the other NIC. I’m using the command :
set interfaces ethernet eth1 mtu 700
I was expecting to capture the PMTUD process using Wireshark but still I’m able to ping from A to B (remote network) with a packet load grater thn 1400.
First, to point out, it was working all the time, I was doing it wrong. The set interfaces ethernet eth1 mtu 700 command will change the MTU on the desired interface.
I was running from network A ping to a device on network B (ping xxxx.xxxx.xxxx.xxxx -l yyy) but I did not specify the do not fragment flag ! -f Sets the “Don’t Fragment” flag in outgoing packets. So fragmentation occurred on VyOS!
What I was expecting is to receive a ICMP message from router to sender as the result of the PMTUD process: If any of the datagrams are too large to be forwarded without fragmentation by some router along the path, that router will discard them and return ICMP Destination Unreachable messages with a code meaning “fragmentation needed and DF set” [7]. Upon receipt of such a message (henceforth called a “Datagram Too Big” message), the source host reduces its assumed PMTU for the path.
But even after setting the “Don’t Fragment” flag I was not able to see the ICMP messages in my captures ! BECAUSE the PMTU process can be used with ICMP messages and without !
The one without ICMP message is called Packetization Layer Path MTU Discovery and I described very nicely in the following RFC:
The one with ICMP message:
Also a nice tool to share (you can check the MTU for a given path) using the mturoute tool: