[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] Secure VLANs

On Wed, Jan 5, 2011 at 9:32 PM, Fajar A. Nugraha <list@xxxxxxxxx> wrote:
>> (oh, be sure that eth0's
>> MTU is 4 bytes bigger than usual, to let the tag pass through).
> Modern distros (I tested RHEL and Ubuntu) works just fine without any
> need to manually adjust MTU whatsoever.

This is more related to the ethernet driver than the distro.  some of
them simply set a hardware limit to MTU+36, so the card would reject
bigger frames.  it's the wrong thing to do, since MTU is an IP
parameter, and the tag is an ethernet thing.  the 'right' thing would
be to set the limit to MTU+40 when using an interface for tagged
frames; but no driver does that.  since you're not supposed to use the
main interface for IP anymore, it doesn't harm to mess with MTU.

now, some (i forgot which) GbE-only drivers simply don't set any
hardware based limit.  the card will accept any frame up to the size
of some internal buffers (which can easily be 16 or even 64 KB), so
the 'add 4 to MTU' kludge isn't necessary.


Xen-users mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.