Description

This article describes how to define MTU size larger than 1500 on VLAN interfaces.

Scope

FortiGate.

Solution

VLAN interface MTU size directly depends on the MTU size of the parent/associated interface.

For example: On 'WAN2', a physical interface creates a 'vlan_lab' VLAN interface. By default 'WAN2' interface MTU size is 1500.

When the MTU size is trying to be changed of the VLAN interface to more than 1500, the below error message appears.

config system interface
(interface)edit vlan_lab
(vlan_lab)set mtu-override enable
(vlan_lab)set mtu 9170

MTU size not valid. Should be in the range of 68 - 1500.
node_check_object fail! for mtu 9170

value parse error before '9170'
Command fail. Return code -2
end

To resolve this, set the MTU size on 'WAN2' interface to the desired value, for example set the MTU size to 9170

To set the MTU size enable, the 'mtu-override' command as below.

config system interface
    edit "wan2"
    set mtu-override enable
    set mtu 9170
end

Setting the MTU size for VLAN interface larger than 1500 is now possible. The MTU size of the VLAN interface always either equal or less than the parent/associated interface MTU size.

show system interface vlan_lab
    config system interface
        edit "vlan_lab"
            set vdom "root"
            set ip 10.10.10.10 255.255.255.0
            set device-identification enable
            set role lan
            set snmp-index 11
            set mtu-override enable
            set mtu 9170
            set interface "wan2"
            set vlanid 15
        next
    end

Related document:

Interface MTU packet size