We are in a cluster environment. We have compute nodes with jumbo packets enabled and a MTU of 9000. We are running into some issues in tracebacks to an address outside of our lan, where jumbo packets are being dropped due a firewall with a standard MTU size of 1500. Is there a way to limit or fragment outgoing packets to this specific address to a smaller packet size without having to down and reconfigure the NIC? I was thinking it might be possible to generate a VNIC with a smaller MTU and bridged to the higher MTU physical NIC, but I'm open to any other suggestions.
M
You won't be able to use a vNIC with a different MTU than your attached physical interfaces using just about any bridging implementation. It's possible if you go for a layer 3 routed vnic implementation, but then it's pretty pointless to adjust MTU on a broadcast domain that consists of a single host.
Can you not adjust the MTU of your firewall to accommodate this network? If not, the sanest thing to do may be to only use jumbo frames on your backend storage networks, etc instead of your north-south traffic. If you want your network to use jumbo frames, the best thing to do is enable that on absolutely everything on that layer 2 network so as to avoid weird issues.
It's largely up to the application generating traffic as to whether anything will be marked do-not-fragment. These are all reasons that enabling jumbo frames is typically only advised if it resolves a performance problem that needed resolving. Jumbo frames can sometimes cause too many issues like this to be worth it unless it's actually needed.