Increase/Decrease MTU

jskfan
jskfan used Ask the Experts™
on
Increase/Decrease MTU

I would like to know when should we  manually increase or decrease MTU.
I  have seen some examples when there is an extra header for instance when using PPoE , they decrease the MTU.

Any clarification will be very much appreciated

Thank you
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
Sometimes reducing MTU to 1492 or a bit less can improve VPN speeds somewhat.  Here is a decent explanation of this.

https://learningnetwork.cisco.com/thread/36098

The effects are normally very slight.

Author

Commented:
I thought reducing MTU, causes the packets to be defragmented, which is not good
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
A VPN packet needs to add header information and if the packet is already 1500 then it gets larger and fragments. If 1492 or a bit less, then there is room for the packet.  See also:

https://supportforums.cisco.com/t5/other-security-subjects/mtu-setting-on-ipsec-tunnel/td-p/327853
Success in ‘20 With a Profitable Pricing Strategy

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

Author

Commented:
If I am not wrong most interfaces default MTU is 1500 Bytes.
What is contained in the 1500 Bytes ? if you decrease the MTU then what will happen to the traffic contained in the 1500 Bytes.

I know you can decrease the MTU to allow other packets to fit in the 1500 Bytes,  but what else by default use the 1500  bytes or less ?

it is like saying there is a Bus with 1500 seats, but we do not know how many seats are empty and how many seats are filled up. Now at the Next station, if the sits are filled up then we cannot add any passenger, but if there are sits empty then we can.

MTU default size is 1500 Bytes, but we do not know how many Bytes are already occupied to begin with.
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
I don't think the initial VPN packet fills the 1500 bytes. That is why this works. 1500 is the normal limit and setting MTU reduces this. That is why it works.

Author

Commented:
John,

wanted just to understand what is already used in the 1500 Bytes.
because if we have several applications used, and each use a different protocol, then reducing the MTU will not cause slow traffic ?
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
The packet size may vary and MTU forces the limit. You would need a packet sniffer and lots of time to look at packet construction.
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
Your question was "I  have seen some examples when there is an extra header for instance when using PPoE , they decrease the MTU. Any clarification will be very much appreciated"

And the answer is, MTU limits the packet size to allow for additional header information and stay within the hard limit of 1500.
Blue Street TechLast Knight
Distinguished Expert 2018
Commented:
Hi jskfan,

Here is an article on how to dial in your MTU and an explanation as to why it should be done that: https://www.experts-exchange.com/articles/12615/Unstable-Slow-Performing-Networks-or-VPNs-just-go-grocery-shopping.html

Let me know if you have any questions!
Distinguished Expert 2018

Commented:
PPoE has total size of 8 bytes (PPPoE header is 6 octets and the PPP Protocol ID is 2 octets) that's why they are reducing MTU size down to 1492 bytes.
MTU does not include L2 header, but L3 + L4 (if present in packet) + payload.

Since Ethernet has a maximum payload size of 1500 octets, and the PPPoE Header plus Protocol ID is 8 octets, an MRU greater than 1492 can only be accommodated if the negotiating devices, and any intermediate devices, are capable of treating the PPPoE Header plus
 Protocol ID as if they were part of the Ethernet Header. In other words, they must have sufficient overhead in their Ethernet Header representations to accommodate the extra 8 octets.

Devices that are not capable of handling the extra 8 octets in their Ethernet Header SHOULD negotiate an MRU no larger than 1492. If no MRU has been specified by the receiving side, the sending side MAY assume that the receiving side is capable of handling the PPP default MRU of 1500. To ensure compatability with older equipment, if the sending side is assigning an MRU greater than 1492 to the receiving side, (either by default, or through negotiation), it is RECOMMENDED that the sending side send one or more MRU-sized Echo-Request packets once the session is opened, to test that the receiving side and any intermediate equipment can handle the MRU. If no Echo-Replies are received, the sending side MAY choose to repeat the test with Echo-Request packets of size 1492. If these packets receive replies, the sending side MAY choose to treat the receiver as if it had explicitly specified an MRU of 1492.

If the LCP includes any 802.1Q VLAN tags, a device SHOULD negotiate an MRU no larger than 1492."

Author

Commented:
PPOE is just an example.
what I am trying to understand how much you can decrease to allow certain protocols to fit in MTU ?
is 1500 Bytes, all Empty ? I thought TCP and IP packets already use the 1500 Bytes or around there.
Distinguished Expert 2018
Commented:
In that case you need to reduce MTU size for all present headers cumulative size, often it is needed manually to adjust MSS size too.
You can find excellent  explanation on Cisco's page (of my favorite links regarding IP packet and fragmentation - read it many times so far.
:)
Resolve IP Fragmentation, MTU, MSS, and PMTUD Issues with GRE and IPSEC
Business Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018
Commented:
Packet size is partly dependent on the application. You would have to look at each one .
nociSoftware Engineer
Distinguished Expert 2018
Commented:
Hm. MTU is based one the most effective packet size for a connection.
For ethernet that is set to 1500, (effectively a size is subtracted from that as well leaving 1498 bytes / packet and limiting packets to 64K).
For each encasulation that the packet has a few bytes need to be subtracted. For PPPoE 8 bytes are needed, for IPSEC this is slightly more
for OpenVPN even more.  
VLAN's ID don't influence the MTU as they are added/removed from the ether frame header. (effectivly making packets 4 bytes bigger across a wire/fibre).

Instead of  setting the MTU hardcoded in the endpoint one could setup PMTU (Path MTU discovery) this will allow sending small packets or local packet at max. length but sends all packets the "Don't Fragment' option set. So the server will receive a warning when a packet is too large on first occurence, then a slightly smaller packet will be resent until the link accepts the packet.
This will find the maximum acceptable size so no fragmentation will start. achieving a best result.

Modern ethernet does allow for packets up to 9000 bytes (Jumbo frames) some network equiment might limit this to ~4K, ~5K or ~8K frames.
Prabhin MPDevOps Engineer
Distinguished Expert 2018

Commented:
Hi,
please use the following command,
ifconfig ${Interface} mtu ${SIZE} up
ifconfig eth1 mtu 9000 up
nociSoftware Engineer
Distinguished Expert 2018

Commented:
@prabhin MP: that advice could be a sure way to halt any traffic on your net IF jumbo frames of 9KB are not supported....
(and on windows it would be different, IOS  (Cisco's) is different,  other OS have different command  f.e. TCP CONFIG SET TCP /MTU={mtu}, and even recent linux systems have no ifconfig anymore.)
The Q was when/why not how..

Effectively the bottom line minimal MTU should be about 576 bytes  (512 bytes payload + various headers).
On an ethernet adapter that would waste > 2/3rd of the bandwidth though.
MSS needs to be <= MTU - 40 to prevent fragmentation.
PMTU can help set this up in an automated way between endpoints.

Author

Commented:
Thank you Guys!
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
You are very welcome and I was happy to help.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial