|Title: How to change the MTU size on the SonicWALL UTM appliance|
The term Maximum Transmission Unit (MTU) refers to the
size (in bytes) of the largest packet that a given layer of a
communications protocol can pass onwards. MTU parameters usually appear
in association with a communications interface (NIC, serial port, etc.).
The default MTU size is 1500, however for some networking
technologies reducing the MTU size and allowing fragmentation can help
eliminate some connectivity problems occurring at the protocol level.
For example: Throughput for PPPoE can often be improved by reducing MTU to 1452 and enabling fragmentation.
Contact your ISP for the recommended MTU size for your Internet connection (cable, DSL, T1, etc...) or you can also use the
PING command at the Operating System prompt to determine the MTU size.
Example: Ping -f -l 1492 www.yahoo.com
The MTU settings may be found on the following pages of the user interface of SonicWALL appliances:
• Interface MTU - Specifies the largest packet size that the interface can forward without fragmenting the packet.
• Fragment non-VPN outbound packets larger than this Interface’s MTU - Specifies all non-VPN outbound packets larger than this Interface’s MTU be fragmented. Specifying the fragmenting of VPN outbound packets is set in the VPN > Advanced page.
• Ignore Don’t Fragment (DF) Bit - Overrides DF bits in packets.
• Do not send ICMP Fragmentation Needed for outbound packets over the Interface MTU - blocks notification that this interface can receive fragmented packets.
Note: It is recommended to check the 'Fragment non-VPN outbound packets larger than this Interface’s MTU' box if the MTU is set below the default of 1500. Press the OK or Update button to process the changes entered.
An additional setting allowing fragmentation should be made to the default outbound rule. Go to the Firewall > Access Rules (SonicOS Standard and Enhanced) or the Access > Rules page (Firmware 6.x) of the management interface. Find the default rule that allows default from LAN to *. Click the edit icon next to that rule, and check the 'Allow fragmented packets' option. Click OK to update the chagnes.
Making these settings changes will allow fragmented packets to pass from the LAN, and will also allow the SonicWALL to decrease the MTU size of the packet. This can make a big difference on outbound packets that are having trouble getting through.
|Authored by: Guru Corner on Sat, Mar 31st, 2012 at 6:00 PM
This question has been viewed 21124 times so far.
|Online URL: http://kb.guru-corner.com/question.php?ID=190|
Powered by Guru Corner