In the UK the default MTU value from most ISP's is 1492 for FTTP & FTTC connections.
Do I need to tweak the MTU value on the WAN interface when using PPPoE to 1492 or will the fortigate cope with the lower value as I can see the default MTU is 1500. Or will I experience issues such as packet loss if I do not lower the value.
TIA
Solved! Go to Solution.
The pppoe dynamic interface @abarushka is asking is not "wan" interface you configured PPPoE.
It should be named as like "pppx" in the routing table. Run a CLI command "get router info routing-table | grep 0.0.0.0" like below to find the name.
fg40f-utm (root) # get router info routing-t all | grep 0.0.0.0
S* 0.0.0.0/0 [1/0] via xx.xx.xx.xx, ppp3, [1/20]
Then check the MTU size it got like below:
fg40f-utm (root) # diag netlink interface list ppp3
if=ppp3 family=00 type=512 index=41 mtu=1492 link=22 master=0
Since it's a dynamic interface, you can't set MTU size manually.
Toshi
Hello,
Normally MTU should be automatically adjusted. You can verify by running "diag netlink interface list <PPPOE interface name>"
https://community.fortinet.com/t5/FortiGate/Technical-Tip-PPPoE-interface-configuration/ta-p/209005
thank you for the info however mine says -
f=wan family=00 type=1 index=5 mtu=1500 link=0 master=0
If I ping 4.2.2.1 -l 1464 -f
then I get
Pinging 4.2.2.1 with 1464 bytes of data:
Reply from 4.2.2.1: bytes=1464 time=21ms TTL=53
whereas ping 4.2.2.1 -l 1472 -f
Pinging 4.2.2.1 with 1472 bytes of data:
Packet needs to be fragmented but DF set.
So I am pretty sure the MTU value is set to 1492 on the ISP side so it does not look like it is auto adjusting?
Hello,
Could you please double check whether you specified correct interface name? I suspect that you run "diag netlink interface list <WAN interface name>" instead "diag netlink interface list <PPPOE interface name>".
Created on 11-27-2023 07:38 AM Edited on 11-27-2023 08:45 AM
Hi
we have the WAN physical interface configured for PPPoE
Hi @Scruffy,
You can configure TCP MSS value by following this article: https://community.fortinet.com/t5/FortiGate/Technical-Tip-Setting-TCP-MSS-value/ta-p/194518
Regards,
The pppoe dynamic interface @abarushka is asking is not "wan" interface you configured PPPoE.
It should be named as like "pppx" in the routing table. Run a CLI command "get router info routing-table | grep 0.0.0.0" like below to find the name.
fg40f-utm (root) # get router info routing-t all | grep 0.0.0.0
S* 0.0.0.0/0 [1/0] via xx.xx.xx.xx, ppp3, [1/20]
Then check the MTU size it got like below:
fg40f-utm (root) # diag netlink interface list ppp3
if=ppp3 family=00 type=512 index=41 mtu=1492 link=22 master=0
Since it's a dynamic interface, you can't set MTU size manually.
Toshi
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.