Operator Practices

Sometimes, we make things harder than they already have to be.

Encapsulation Ad Absurdum

It’s not uncommon to see _three _ or more recursive overlay encapsulations

E.g. K8s VXLAN overlay on a hypervisor-networking GENEVE overlay on a data-center VXLAN overlay

That’s triple the risk of getting your math wonky while calculating what the nominal IP interface MTU should be.

Illustrated

pending.

Failure to Implement PLPMTUD

PLPMTUD solves all of the problems we’ve discussed
- But, only at the packetization-layer, not at the IP Layer.
It has been part of the TCP implementation in Linux and Windows for years, but it is not enabled by default.
If your device has a TCP implementation and it’s not doing PLPMTUD?
- Shame! Shame; shame; shame.

Jumbo Gumbo

It’s a (not un-)reasonable practice to set the gateway’s IP MTU to 9000 when enabling jumbo frames on an Ethernet broadcast domain.
It’s a (not un-)common practice to do this without requiring every host on the same subnet to:
- Have an L2 MRU of 9022(-ish) bytes
- Have an L3 MRU of 9000 bytes
This creates a PMTUD blackhole if any of those hosts don’t happen to have L2/L3 MRUs at least that high