Imperva Cyber Community

communities_1.jpg
 View Only
Expand all | Collapse all

Need to know the Maximum MTU size for imperva devices (X6510) gateway and M160 MX model.

  • 1.  Need to know the Maximum MTU size for imperva devices (X6510) gateway and M160 MX model.

    Posted 06-03-2021 19:52
    Edited by MOORTHY ETTIYANNAN 06-03-2021 20:00
    Hi Team,

    Would like to know the below info of Imperva devices, 

    1, What is the maximum size of MTU value for Imperva devices (X6510) gateway and M160 MX model supported...? we planning of changing this value to maximum if supports higher than the current.

    because the Imperva events are being sent to syslog server may not be clever enough to re arrange the fragmented MTU if suppose the current MTU size been exceeded for any of the events.

    2, Also is there any way to monitor the events/message exceeds the current MTU limit 1500? 

    3, our current MTU size of (X6510) gateway and M160 MX model is 1500.

    found the current MTU value using the below commands,
             'ifconfig | grep -i MTU'
             'ip add | grep mtu'

    Thanks

    #DatabaseActivityMonitoring

    ------------------------------
    MOORTHY ETTIYANNAN
    dba/dam
    IHIS
    Singapore
    ------------------------------


  • 2.  RE: Need to know the Maximum MTU size for imperva devices (X6510) gateway and M160 MX model.

    Posted 06-04-2021 10:52
    Moorthy,
    Thanks for the question.  We have a public article here:  Imperva Documentation Portal

    In the event you have trouble accessing that link, the solution is as follows:

    Solution

    Imperva gateways are configured with a 1500 MTU by default. If you are using JUMBO packets in your network (any packet larger than 1500), you must increase the MTU setting to your desired value and change the ONBOOT setting to "yes" in your network scripts. At the time of this writing 9000 is the max MTU supported. 

    For example, to increase MTU for eth0 to 9000, edit the configuration file /etc/sysconfig/network-scripts/ifcfg-eth0 and add the highlighted line (MTU) as shown below: 

    DEVICE="eth0" 
    MTU="9000" 
    ONBOOT="yes" 

    You will have to restart the network service using command: service network restart 
    The above configuration is per interface. Edit the corresponding script for each interface you want to change. In bridge (inline) mode, changes should be made on both of the interfaces which are part of the bridge. 
     

    *This change survives upgrade. If you have configured a new MTU value and then upgrade, it will remain the same. 



    ------------------------------
    Paul Hammons
    Imperva Senior Sales Engineer
    Cape Coral, Florida
    ------------------------------