[squid-users] MTU problem
Hi All, WebServer Cofnig: OS: Centos 5.3 running on VM Ware connected to Nortel switch with MTU 1500 Applications: Jboss-4.2.3 Network MTU Setup to 9000 Reverse Proxy Config OS: Centos 5.3 IBM x3350 Server Connected to Cisco Switch with MTU 1500 Application: Squid 2.7 Network MTU Setup to 9000 Squid cannot connect with MTU 9000 when MTU set to 1500 on the WebServer all fine //Remy -- Disclaimer and Confidentiality This material has been checked for computer viruses and although none has been found, we cannot guarantee that it is completely free from such problems and do not accept any liability for loss or damage which may be caused. Please therefore check any attachments for viruses before using them on your own equipment. If you do find a computer virus please inform us immediately so that we may take appropriate action. This communication is intended solely for the addressee and is confidential. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. The views expressed in this message are those of the individual sender, and may not necessarily be that of ISA.
Re: [squid-users] MTU problem
Mario Remy Almeida wrote: Hi All, WebServer Cofnig: OS: Centos 5.3 running on VM Ware connected to Nortel switch with MTU 1500 Applications: Jboss-4.2.3 Network MTU Setup to 9000 Reverse Proxy Config OS: Centos 5.3 IBM x3350 Server Connected to Cisco Switch with MTU 1500 Application: Squid 2.7 Network MTU Setup to 9000 Squid cannot connect with MTU 9000 when MTU set to 1500 on the WebServer all fine //Remy Sounds like a typical MTU situation. Forcing 9000 bytes through a 1500 byte port on the switch will result in failure. The switch will be generating ICMP messages to signal the problem and cause automatic packet reduction to kick in. Unless of course you have a firewall that blocks ICMP messages or have path MTU discovery turned off some other way anywhere down the chain of software and devices. Amos -- Please be using Current Stable Squid 2.7.STABLE6 or 3.0.STABLE19 Current Beta Squid 3.1.0.13
Re: [squid-users] MTU problem
Hi Amos, But I can login and browser the Applications server without any issue even if MTU set to 9000. //Remy Amos Jeffries wrote: Mario Remy Almeida wrote: Hi All, WebServer Cofnig: OS: Centos 5.3 running on VM Ware connected to Nortel switch with MTU 1500 Applications: Jboss-4.2.3 Network MTU Setup to 9000 Reverse Proxy Config OS: Centos 5.3 IBM x3350 Server Connected to Cisco Switch with MTU 1500 Application: Squid 2.7 Network MTU Setup to 9000 Squid cannot connect with MTU 9000 when MTU set to 1500 on the WebServer all fine //Remy Sounds like a typical MTU situation. Forcing 9000 bytes through a 1500 byte port on the switch will result in failure. The switch will be generating ICMP messages to signal the problem and cause automatic packet reduction to kick in. Unless of course you have a firewall that blocks ICMP messages or have path MTU discovery turned off some other way anywhere down the chain of software and devices. Amos -- Disclaimer and Confidentiality This material has been checked for computer viruses and although none has been found, we cannot guarantee that it is completely free from such problems and do not accept any liability for loss or damage which may be caused. Please therefore check any attachments for viruses before using them on your own equipment. If you do find a computer virus please inform us immediately so that we may take appropriate action. This communication is intended solely for the addressee and is confidential. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. The views expressed in this message are those of the individual sender, and may not necessarily be that of ISA.
Re: [squid-users] MTU problem
tis 2009-09-15 klockan 22:33 +1200 skrev Amos Jeffries: Sounds like a typical MTU situation. Forcing 9000 bytes through a 1500 byte port on the switch will result in failure. The switch will be generating ICMP messages to signal the problem and cause automatic packet reduction to kick in. Switches don't, they just drop whatever oversized packets they can't handle. Routers (including switching routers) do send ICMP. Regards Henrik
Re: [squid-users] MTU problem
tis 2009-09-15 klockan 17:57 +0400 skrev Mario Remy Almeida: Hi Amos, But I can login and browser the Applications server without any issue even if MTU set to 9000. If the vmware instance is running bridged it quite likely won't notice if the MTU setting it's trying to use is incompatible with the networking provided by the hardware host, and will happily send oversized packets only to see those silently dropped in transit. But that's a question better directed to a vmware forum. Squid operations require a properly functional network setup, which includes properly configured MTU settings. Detecting MTU failures is a little tricky by causal testing as you only notice these problems when some application tries to send a large chunk of data at once. Easily tested using ping with varying packet sizes however and observing the result using tcpdump/ethereal. Regards Henrik