No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


AR Router Troubleshooting Guide

This Product Documentation provides guidance for maintaining AR Enterprise Router, covering common information collection and fault diagnostic commands, typical fault troubleshooting guide, and troubleshooting.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
What Are the Reasons for L2TP VPN Service Interruptions?

What Are the Reasons for L2TP VPN Service Interruptions?

Possible Causes

  • The route is unreachable.
  • The MTU is incorrectly set on the virtual interface.
  • The TCP MSS is incorrectly set on the virtual interface. Ensure that the total packet length (TCP MSS plus all the header lengths) is no greater than the MTU value. Otherwise, packets may not be transmitted correctly.

Troubleshooting Procedure

  1. Run the ping or tracert command to check whether the route is reachable.
  2. Run the ping -s packetsize -a source-ip-address host command to check whether packets are fragmented.

    Run the ping command to test packets of different sizes and determine whether packet loss occurs or the ping fails. Find the threshold (If the packet size exceeds the threshold, packets may be lost or the ping may fail.)

    Run the mtu mtu command in the interface view to change the MTU value to be less than the threshold.

    If the access speed of some TCP services remains low or if some TCP services are interrupted intermittently after a new MTU value is configured, run the tcp adjust-mss value command in the interface view to change the MSS value of TCP packets.

Additional Information

Packet fragmentation consumes considerable CPU resources, resulting in degraded quality of services. To ensure high quality of services, consider the following when configuring L2TP:

  • MTU

    Maximum transmission unit (MTU) determines the maximum number of bytes that can be transmitted on a link at a time. The MTU value varies according to the interface type. For example, the default MTU for Ethernet interfaces is 1500 bytes. The MTU of a link depends on the interface with the smallest MTU. If the size of packets to be sent by an interface exceeds the MTU of the interface, the device fragments encrypted packets before transmitting them. After an interface receives all the fragments of an IP packet, the interface reassembles the fragments before decrypting the packet. Fragmentation and reassembly consume CPU resources.


    TCP MSS specifies the maximum segment size of TCP packets. If the total packet length (TCP MSS plus all the header lengths) is greater than the link MTU, data packets are fragmented for transmission. Both fragmentation and encryption/decryption of packets consume CPU resources of devices on the transmission link. High CPU resource consumption may cause packet loss.

    Some upper-layer applications, such as an application layer protocol like HTTP, set the Don't Fragment (DF) field in the IP packet header to 1, preventing TCP packets from being fragmented. If the DF field is set to 1 and the interface MTU is less than the MSS, the device will discard TCP packets because it cannot fragment them.

Updated: 2019-05-10

Document ID: EDOC1000079719

Views: 456002

Downloads: 4321

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Previous Next