MTU difference between Cisco and Juniper
(Information taken from j-nsp mailing list and vendors homepages)
NOTE: The actual frames transmitted also contain cyclic redundancy check (CRC) bits, which are not part of the media MTU. For example, the media MTU for a Gigabit Ethernet interface is specified as 1500 bytes, but the largest possible frame size is actually 1504 bytes; you need to consider the extra bits in calculations of MTUs for interoperability.
The physical MTU for Ethernet interfaces does not include the 4-byte frame check sequence (FCS) field of the Ethernet frame.
If you do not configure an MPLS MTU, the JUNOS software derives the MPLS MTU from the physical interface MTU. From this value, the software subtracts the encapsulation-specific overhead and space for the maximum number of labels that might be pushed in the Packet Forwarding Engine. Currently, the software provides for three labels of four bytes each, for a total of 12 bytes.
- Default media MTU = Default IP MTU + L2 encapsulation overhead
- Default IP MTU = Default media MTU – L2 encapsulation overhead
- MPLS MTU = physical interface MTU – L2 encapsulation overhead – 12
- if IP MTU is already set, so MPLS MTU = IP MTU + 20 byte
If you change the size of the media MTU, you must ensure that the size is equal to or greater than the sum of the protocol MTU and the encapsulation overhead.
|Interface Type||Default Media MTU (Bytes)||Maximum MTU (Bytes)||Default IP Protocol MTU (Bytes)|
|Adaptive Services (MTU size not configurable)||9192||N/A||N/A|
|Fast Ethernet||1514||9192 (4-port)
|Gigabit Ethernet||1514||9192||1500 (IPv4)
A Cisco router configured for IP+MPLS routing also uses different Maximum Transmission Unit (MTU) values fo different purposes:
- The hardware MTU configured with the mtu interface configuration command
- The IP MTU configured with the ip mtu interface configuration command
- The MPLS MTU configured with the mpls mtu interface configuration command
Changing the MTU value with the mtu interface configuration command can affect values for the protocol-specific versions of the command (the ip mtu command, for example). If the value specified with the ip mtu interface configuration command is the same as the value specified with the mtu interface configuration command, and you change the value for the mtu interface configuration command, the ip mtu value automatically matches the new mtu interface configuration command value. However, changing the values for the ip mtu configuration commands has no effect on the value for the mtu interface configuration command.
- Default media MTU –> Default IP MTU (L2 encapsulation overhead not included)
- MPLS MTU –> MPLS overhead + Default IP MTU
edit 2009/06/08: you can find values for encapsulation overhead of different interface types here
Differences between Ping implementation on Cisco and Juniper routers
Ping from Juniper with “size 1000″ on an ethernet interface
1042 bytes on wire
– 14 bytes Ethernet header
– 20 bytes IP header
– 8 bytes ICMP header
– 1000 bytes ICMP Data (as spezified with the size keyword)
Ping from Cisco with “size 1000″ on an ethernet interface
1014 bytes on wire
– 14 bytes Ethernet header
– 1000 bytes IP header, ICMP header and ICMP Data
–> 972 bytes ICMP Data
Cisco includes IP and ICMP header in the spezified size of 1000 bytes. That means, that the length of the whole IP packet is specified with the size parameter. ICMP Payload in this case is 1000-20-8 = 972 bytes.
Juniper adds IP and ICMP header to the payload size spezified. So 1000 becomes 1028 bytes of ip packet.
(Note: This is the same bevahiour as with WinXP)
There’s a Cisco router directly connected to a Juniper olive. The IP mtu on the Cisco’s inteface Fa0/0 facing the Juniper is set to 1000.
interface FastEthernet0/0 ip address 192.168.222.100 255.255.255.0 ip mtu 1000 duplex auto speed autoCisco#sh ip int f0/0 | i MTU MTU is 1000 bytes Cisco#
When you try to ping from Cisco to Juniper with DF bit set, the largest ping size you can spezify is 1000
Cisco#ping 192.168.222.200 size 1001 df-bit Type escape sequence to abort. Sending 5, 1001-byte ICMP Echos to 192.168.222.200, timeout is 2 seconds: Packet sent with the DF bit set . Success rate is 0 percent (0/1) Cisco#ping 192.168.222.200 size 1000 df-bit Type escape sequence to abort. Sending 5, 1000-byte ICMP Echos to 192.168.222.200, timeout is 2 seconds: Packet sent with the DF bit set !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 8/16/36 ms Cisco#
When you do the same ping from Juniper to Cisco, the largest size is 972. This is due to the fact, that Juniper’s ping implementation spezifies the length of the ICMP payload instead the length of the whole IP packet.
root@olive> ping 192.168.222.100 size 973 do-not-fragment PING 192.168.222.100 (192.168.222.100): 973 data bytes ^C --- 192.168.222.100 ping statistics --- 2 packets transmitted, 0 packets received, 100% packet lossroot@olive> ping 192.168.222.100 size 972 do-not-fragment PING 192.168.222.100 (192.168.222.100): 972 data bytes 980 bytes from 192.168.222.100: icmp_seq=0 ttl=255 time=27.549 ms 980 bytes from 192.168.222.100: icmp_seq=1 ttl=255 time=34.765 ms ^C --- 192.168.222.100 ping statistics --- 2 packets transmitted, 2 packets received, 0% packet loss round-trip min/avg/max/stddev = 27.549/31.157/34.765/3.608 ms