Filter
Top Products
2
46 Nokia Network Voyager for IPSO 4.0 Reference Guide
5. Click Delete.
6. Click Apply.
Configuring MSS Clamping
When end devices use path MTU discovery, it can cause connectivity problems when their
connections pass through PPPoE interfaces. Use the MSS Clamping field to prevent these
problems by reducing the maximum segment size (MSS) that is advertised across the outgoing
link.
IPSO advertises the value in this field as the MSS for packets that transit this interface. If a
connected device (such as a host system) advertises a greater MSS, IPSO advertises the value in
this field instead of the value advertised by the device. There is no default value for the MSS
Clamping field. If you do not enter a value, the MSS advertised by end devices is always
advertised across the link.
If hosts connected to this interface experience connectivity problems with some destinations, use
this field to restrict the MSS that they can advertise. Entering a value of 1452 will probably solve
any such problems.
See RFC 2923 for more information about how path MTU discovery that can cause connectivity
problems.
Virtual LAN Interfaces
Nokia IPSO supports virtual LAN (VLAN) interfaces on all supported Ethernet interfaces.
VLAN interfaces lets you configure subnets with a secure private link to Check Point FW-1/
VPN-1 with the existing topology. VLAN enables the multiplexing of Ethernet traffic into
channels on a single cable.
The Nokia implementation of VLAN supports adding a logical interface with a VLAN ID to a
physical interface. In a VLAN packet, the OSI Layer 2 header, or MAC header, contains four
more bytes than the typical Ethernet header for a total of 18 bytes. When traffic arrives at the
physical interface, the system examines it for the VLAN layer-two header and accepts and
forwards the traffic if a VLAN logical interface is configured. If the traffic that arrives at the
physical interface does not have a VLAN header, it is directed to the channel 0, or untagged,
interface. In the Nokia implementation, the untagged channel-0 interface drops VLAN packets
that are sent to the subnets on that interface.
Outgoing traffic from a VLAN interface is tagged with the VLAN header. The Nokia appliance
can receive and generate fully conformant IEEE 802.1Q tags. The IEEE802.1Q standard defines
the technology for virtual bridged networks. The Nokia implementation is completely
interoperable as a router, not as a switch.
IPSO supports a maximum of 1015 VLAN interfaces. However, if you do not explicitly
configure the system to support this number (in the Maximum Number of VLANs Allowed text
box), the default maximum is 950 VLAN interfaces.This is system limit and not limited to
specific interface.