Tunnel transport mtu not changing


Cisco IOS/NX-OS/etc. software does not configure the bandwidth for a virtual tunnel interface based on the physical interface to which it is assigned; instead, it applies a default "bandwidth" statement to the interface that depends on model of hardware and the version of software it is running (on many devices the default "BW" for a tunnel is 8kbps!). In short, if the encrypted traffic isn't the endpoint of the tunnel, tunnel mode will be used. Your original statement: "so tunnel mode provides the protection for the original source and destination address by encapsulating it under esp..and in transport mode original ip address is visible because in it only data is encapsulated." is true. Encapsulation TUNNEL, loopback not set. Keepalive not set. Tunnel source 10.123.120.3, destination 10.123.39.1. Tunnel protocol/transport GRE/IP. Tunnel TTL 255, Fast tunneling enabled. Tunnel transport MTU 1476 bytes. Tunnel transmit bandwidth 8000 (kbps) Tunnel receive bandwidth 8000 (kbps)----- Thanks and Regards, Yugandhar Without the ip mtu setting applications which utilize UDP for transport, but which do not attempt to discover path MTU independently, would suffer the effects of fragmentation when generating packets with payload in excess of what can be supported taking into account the extra overhead incurred by the GRE/IPsec tunnel