I'm using a GRE IPv4 tunnel between a cisco and linux machines
I did some packet capture, and saw that my MTU was 1418, but the cisco was sending TCP packet with a MSS of 1380. This created a bunch of issues. When I told the cisco box to use a MSS of 1378 everything starting to work fine.
So why Cisco is off by 2 Bytes?
Does the GRE implementation on Linux uses 2 extra bytes compared to Cisco (or vice versa)?
I'm using a GRE IPv4 tunnel between a cisco and linux machines
Can you mail:
IOS:
- sh run int TuX
- sh int TuX | i MTU
- sh ip int TuX | i MTU
Linux:
- output of "/sbin/ip link show greX" (or whatever your GRE interface is
named)
I did some packet capture, and saw that my MTU was 1418
What MTU? Including which overheads? 
but the cisco was sending TCP packet with a MSS of 1380.
Using which TCP options? How large was the TCP overhead?
This created a bunch of issues. When I told the cisco box to use a MSS of 1378 everything starting to work fine.
So why Cisco is off by 2 Bytes?
The only GRE options using 2 bytes are GRE checksum and offset. Haven't
seen any of them being used by default by IOS. IOS default GRE payload
MTU traversing an IPv4 MTU 1500 egress interface is 1476 (1500 minus 20
octets IPv4 header, 4 octets GRE header).
But e.g. TCP SACK permit option on SYN packets would be 2 octets.
Does the GRE implementation on Linux uses 2 extra bytes compared to
Cisco (or vice versa)?
Not by default, in my experience.
Best regards,
Daniel
Handy reference:
http://en.wikipedia.org/wiki/Generic_Routing_Encapsulation#Packet_header
The GRE header length will be evenly divisible by 4. If the checksum
is present then so is the offset, and vice versa. So if you're seeing
a 2 byte (not 4 byte) difference that's coming from somewhere else.
Regards,
Bill Herrin