Increase/Decrease MTU

Increase/Decrease MTU

I would like to know when should we  manually increase or decrease MTU.
I  have seen some examples when there is an extra header for instance when using PPoE , they decrease the MTU.

Any clarification will be very much appreciated

Thank you
jskfanAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

JohnBusiness Consultant (Owner)Commented:
Sometimes reducing MTU to 1492 or a bit less can improve VPN speeds somewhat.  Here is a decent explanation of this.

https://learningnetwork.cisco.com/thread/36098

The effects are normally very slight.
0
jskfanAuthor Commented:
I thought reducing MTU, causes the packets to be defragmented, which is not good
0
JohnBusiness Consultant (Owner)Commented:
A VPN packet needs to add header information and if the packet is already 1500 then it gets larger and fragments. If 1492 or a bit less, then there is room for the packet.  See also:

https://supportforums.cisco.com/t5/other-security-subjects/mtu-setting-on-ipsec-tunnel/td-p/327853
0
Redefine Your Security with AI & Machine Learning

The implications of AI and machine learning in cyber security are massive and constantly growing, creating both efficiencies and new challenges across the board. Check out our on-demand webinar to learn more about how AI can help your organization!

jskfanAuthor Commented:
If I am not wrong most interfaces default MTU is 1500 Bytes.
What is contained in the 1500 Bytes ? if you decrease the MTU then what will happen to the traffic contained in the 1500 Bytes.

I know you can decrease the MTU to allow other packets to fit in the 1500 Bytes,  but what else by default use the 1500  bytes or less ?

it is like saying there is a Bus with 1500 seats, but we do not know how many seats are empty and how many seats are filled up. Now at the Next station, if the sits are filled up then we cannot add any passenger, but if there are sits empty then we can.

MTU default size is 1500 Bytes, but we do not know how many Bytes are already occupied to begin with.
0
JohnBusiness Consultant (Owner)Commented:
I don't think the initial VPN packet fills the 1500 bytes. That is why this works. 1500 is the normal limit and setting MTU reduces this. That is why it works.
0
jskfanAuthor Commented:
John,

wanted just to understand what is already used in the 1500 Bytes.
because if we have several applications used, and each use a different protocol, then reducing the MTU will not cause slow traffic ?
0
JohnBusiness Consultant (Owner)Commented:
The packet size may vary and MTU forces the limit. You would need a packet sniffer and lots of time to look at packet construction.
0
JohnBusiness Consultant (Owner)Commented:
Your question was "I  have seen some examples when there is an extra header for instance when using PPoE , they decrease the MTU. Any clarification will be very much appreciated"

And the answer is, MTU limits the packet size to allow for additional header information and stay within the hard limit of 1500.
0
Blue Street TechLast KnightCommented:
Hi jskfan,

Here is an article on how to dial in your MTU and an explanation as to why it should be done that: https://www.experts-exchange.com/articles/12615/Unstable-Slow-Performing-Networks-or-VPNs-just-go-grocery-shopping.html

Let me know if you have any questions!
0
JustInCaseCommented:
PPoE has total size of 8 bytes (PPPoE header is 6 octets and the PPP Protocol ID is 2 octets) that's why they are reducing MTU size down to 1492 bytes.
MTU does not include L2 header, but L3 + L4 (if present in packet) + payload.

Since Ethernet has a maximum payload size of 1500 octets, and the PPPoE Header plus Protocol ID is 8 octets, an MRU greater than 1492 can only be accommodated if the negotiating devices, and any intermediate devices, are capable of treating the PPPoE Header plus
 Protocol ID as if they were part of the Ethernet Header. In other words, they must have sufficient overhead in their Ethernet Header representations to accommodate the extra 8 octets.

Devices that are not capable of handling the extra 8 octets in their Ethernet Header SHOULD negotiate an MRU no larger than 1492. If no MRU has been specified by the receiving side, the sending side MAY assume that the receiving side is capable of handling the PPP default MRU of 1500. To ensure compatability with older equipment, if the sending side is assigning an MRU greater than 1492 to the receiving side, (either by default, or through negotiation), it is RECOMMENDED that the sending side send one or more MRU-sized Echo-Request packets once the session is opened, to test that the receiving side and any intermediate equipment can handle the MRU. If no Echo-Replies are received, the sending side MAY choose to repeat the test with Echo-Request packets of size 1492. If these packets receive replies, the sending side MAY choose to treat the receiver as if it had explicitly specified an MRU of 1492.

If the LCP includes any 802.1Q VLAN tags, a device SHOULD negotiate an MRU no larger than 1492."
0
jskfanAuthor Commented:
PPOE is just an example.
what I am trying to understand how much you can decrease to allow certain protocols to fit in MTU ?
is 1500 Bytes, all Empty ? I thought TCP and IP packets already use the 1500 Bytes or around there.
0
JustInCaseCommented:
In that case you need to reduce MTU size for all present headers cumulative size, often it is needed manually to adjust MSS size too.
You can find excellent  explanation on Cisco's page (of my favorite links regarding IP packet and fragmentation - read it many times so far.
:)
Resolve IP Fragmentation, MTU, MSS, and PMTUD Issues with GRE and IPSEC
0
JohnBusiness Consultant (Owner)Commented:
Packet size is partly dependent on the application. You would have to look at each one .
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
nociSoftware EngineerCommented:
Hm. MTU is based one the most effective packet size for a connection.
For ethernet that is set to 1500, (effectively a size is subtracted from that as well leaving 1498 bytes / packet and limiting packets to 64K).
For each encasulation that the packet has a few bytes need to be subtracted. For PPPoE 8 bytes are needed, for IPSEC this is slightly more
for OpenVPN even more.  
VLAN's ID don't influence the MTU as they are added/removed from the ether frame header. (effectivly making packets 4 bytes bigger across a wire/fibre).

Instead of  setting the MTU hardcoded in the endpoint one could setup PMTU (Path MTU discovery) this will allow sending small packets or local packet at max. length but sends all packets the "Don't Fragment' option set. So the server will receive a warning when a packet is too large on first occurence, then a slightly smaller packet will be resent until the link accepts the packet.
This will find the maximum acceptable size so no fragmentation will start. achieving a best result.

Modern ethernet does allow for packets up to 9000 bytes (Jumbo frames) some network equiment might limit this to ~4K, ~5K or ~8K frames.
0
Prabhin MPEngineer-TechOPSCommented:
Hi,
please use the following command,
ifconfig ${Interface} mtu ${SIZE} up
ifconfig eth1 mtu 9000 up
0
nociSoftware EngineerCommented:
@prabhin MP: that advice could be a sure way to halt any traffic on your net IF jumbo frames of 9KB are not supported....
(and on windows it would be different, IOS  (Cisco's) is different,  other OS have different command  f.e. TCP CONFIG SET TCP /MTU={mtu}, and even recent linux systems have no ifconfig anymore.)
The Q was when/why not how..

Effectively the bottom line minimal MTU should be about 576 bytes  (512 bytes payload + various headers).
On an ethernet adapter that would waste > 2/3rd of the bandwidth though.
MSS needs to be <= MTU - 40 to prevent fragmentation.
PMTU can help set this up in an automated way between endpoints.
0
jskfanAuthor Commented:
Thank you Guys!
0
JohnBusiness Consultant (Owner)Commented:
You are very welcome and I was happy to help.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Routers

From novice to tech pro — start learning today.