Knowledge Search


[WX] Troubleshooting high packet loss in a VPN or MPLS WAN connection

  [KB12857] Show Article Properties

High packet loss on a VPN or MPLS connection in a WX network.
If you experience high packet loss and are using a VPN or MPLS connection, obtain a packet capture from each of the WX device's remote interface located at the end of the tunnel. You may see fragmentation of the IP packets for the WX tunneled packets ( TCP 3577 or IPcomp depending on the tunnel mode).

The WXOS and later have the PATH MTU feature which dynamically adjusts the MTU size of the tunneled packets depending on the network path.   For WXOS versions prior to, hard cod the MTU to avoid getting fragmentation. 

Changing the MTU manually can be done with the following commands:
configure reduction set max-meta-pkt-size <MTU>

To find the MTU size to enter, run a ping test:
ping (IP address) -l 1500 -t -f

1500 is the byte size that needs to be adjusted if the message "packet needs to be fragmented but DF set."  It's Usually best to decrease by 20 bytes at a time.

For VPNs, the optimal MTU size tends to be between 1200 and 1300.

Related Links: