Cisco 548 MTU size

[jkaftan]

I have a 6509 with a MSFC. I have it configured as our core switch and it is doing all of our routing. I have discovered that I cannot ping past my gateway with a packet size bigger then 548 Bytes. Does anybody know why? I can ping my gateway, i.e. the VLAN interface, on the same switch but as soon as I need to route I am limited to the 548 packet size.

Thanks

 

[johnilu]

I have seen a similar problem when trying to use ISL trunking over low bandwidth circuits. The problem was caused by my physical topology, and was corrected when I went dot1q trunks.

 

[jkaftan]

I have been doing some research and it may be a setting to protect me from DoS attacks. I presume it is holding back the size of the packet and that the "Don't fragment" bit is checked probably because most DoS attacks crank up the packet size. I am trying to confirm.

I am already trunking with dot1q.

Thanks

 

[vipergg]

Whats on the far end of the link ,sounds like that is what is limiting the packet size , have seen any packet size restrictions on a 6509 .

 

[jkaftan]

It is just on my lan. My PC connect directly to the 6509. I can ping my gateway on the 6509 but as soon as I try to ping anything that requires routing, including the router interface itself, I can only ping with 548 Bytes. I allowed ping through my firwall to a machine and my firewall is doing the same thing. I'm thinking this is only for ICMP traffic but I am not sure.

 

[vipergg]

Strange , never have seen anything like that on a 6509 and we have a lot of them from sup1 's up thru 720's .

 

[jkaftan]

I eventually realized that ping were getting choked only when they hit my firewall. The 6509 had nothing to do with it. My firewall chokes pings at 548 to minimize the effect of a DoS attack.

 

[vipergg]

Makes sense , have not seen anything like that on 6509's .