Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

tunnel-mtu (Services IPsec VPN)

Syntax

Hierarchy Level

Description

Maximum transmission unit (MTU) size for IPsec tunnels. This defines the maximum size of an IP packet, including the IPsec overhead.

Options

bytes—MTU size.

  • Default: 1500 bytes

  • Range: 256 through 9192 bytes

Note:

Clear the IPsec SA in tunnel-mtu to accommodate Jumbo frames larger than 1500 bytes.

Note:

Validation checks have been introduced to restrict the configuration of tunnel MTU for HA link encryption tunnels in a Multinode High Availability setup. This check ensures that the end-to-end MTU for HA links using IPv6 encryption meets the minimum requirement of 2000 bytes.

For example, if your configuration includes the following stanza, and MTU is less than 2000 bytes, you'll receive a commit check error:

Validation restricts tunnel MTU configuration to ensure HA links with IPv6 encryption meet the minimum 2000-byte MTU requirement for reliable high availability operations.

Required Privilege Level

interface—To view this statement in the configuration.

interface-control—To add this statement to the configuration.

Release Information

Statement introduced in Junos OS Release 7.5.