Transmission Unit" Is the size in bytes of the largest network layer (layer 3) PDU that can be communicated in a single network transaction. Because the PDU (the agglutination of the control headers + the actual data payload) of the network layer (layer 3) is called "packet", we can say that the MTU is how big (in bytes) a packet can be so we are able to send it in one network transaction. In TCP/IP model, the most famous protocol at layer 3 is IP. So another way to describe MTU would be the maximum IP packet size on a given link that can be transmitted in just one transaction. It is clear that MTU concept is related with layer 3, or how big can be the IP packet that we send in just one network transaction. Because IP datagram is 2 bytes, in theory, the maximum value for the MTU should be 2^16-1= 65535 bytes or roughly 64 KB (remember that we start to count from 0, so that -1 is required). But that is not the case because at the end in TCP/IP layered model we depend on the layer 2 (link layer) to send the information. The PDU of layer 2 is the frame, and the most famous protocol in layer 2 is Ethernet. The maximum payload in Ethernet is 1500 bytes (detailed information why can be found here) So the thing is that the MTU cannot be 64KB, because the maximum payload of Ethernet (the underlying layer) is 1500 bytes. This is why in normal circumstances (without Jumbo Frames) the maximum MTU is 1500 bytes because we have the limitation of the underlying layer 2 and the Ethernet protocol. So even MTU being a concept of layer 3, it is limited by the possibilities of layer 2. What is the MSS? MSS stands for "Maximum Segment Size". Is a concept of Layer 4 (transport layer). Just as a reminder: the most famous protocols in layer 4 are TCP and UDP, being TCP the most used. MSS is a parameter of the options field of the TCP header that specifies the largest amount of data, specified in bytes, that a computer or communications device can receive in a single TCP segment (without fragmentation). MSS refers just to the effective payload, not counting the headers, unlike the MTU that includes them in the calculations. MSS is derived from MTU and because MSS does not count the extra headers, just the payload, it is necessary that: MSS bytes < MTU bytes. Maximum MSS = MTU - headers Hence, to avoid fragmentation in the IP layer, a host must specify the maximum segment size as equal to the largest IP datagram that the host can handle (MTU) minus the IP and TCP header sizes. The max MTU as we have said is 1500 and TCP headers are 20 bytes and IP headers are 20 bytes, it will be clear that: MSS = 1500 - 20 - 20 = 1460 bytes For TCP over Ethernet the maximum MSS is 1460 bytes. Small MSS values will reduce or eliminate IP fragmentation but will result in higher overhead. Each direction of data flow can use a different MSS. What are Jumbo Frames? Jumbo Frames are Ethernet frames with a payload greater than the standard maximum transmission unit (MTU) of 1,500 bytes, but normally when we say Jumbo Frames, we are referring to 9000 bytes Ethernet frames. How can be that possible, it was not the limit 1500 bytes? Correct, the limit is/was 1500 bytes. Jumbo frames require special equipment. The switch, host computer NIC, and client computer NIC must support them, otherwise, performance may actually decrease as incompatible devices drop frames or fragment them, the latter of which can task the CPU with higher processing requirements. What are the benefits of using Jumbo Frames? Enabling jumbo frames can improve network performance by making data transmissions more efficient. The CPUs on switches and routers can only process one frame at a time. By putting a larger payload into each frame, the CPUs have fewer frames to process. These gains are only realized, however, if each link in the network path -- including servers and endpoints -- is configured to enable jumbo frames at the same MTU. Otherwise, Enabling jumbo frames may also increase packet loss rates. How can we troubleshoot issues related with Jumbo Frames? The problem with increasing the MTU over the default value of 1500 is that all network devices along the path must support the increased MTU value. This is not always the case. We must ensure that the MTU is consistent all over the path, otherwise, weird problems can appear. All network devices in the path between two hosts, must support and be configured to use the same MTU. In order to avoid problems with inconsistent MTU, we need to calculate the path MTU, which is the minimum MTU on any network segment that is currently in the path between two hosts. Tools for calculating the Path MTU: 1) Tracepath Tracepath traces the path from source to destination showing the MTU of each hop. It helps to detect any inconsistent MTU along the path. An example of an inconsistent MTU problem below:
The -n parameter is for not resolving hostnames and
work only with IP addresses. Please note, in the example, the change of the MTU value from 1500 to 1476 (hop 2) and the inability to detect the newer MTU value after that hop. An example of a MTU consistent along the path: tracepath -n 146.176.1.130 1: 146.176.3.6 0.070ms pmtu 1500 1: 146.176.3.254 (146.176.3.254) 0.235ms 2: 146.176.209.2 (146.176.209.2) 0.325ms 3: machine1.domain.com (146.176.1.130) 0.213ms reached Resume: pmtu 1500 hops 3 back 3 Please note the consistent MTU of 1500 in all the path in the example above. 2) Using ping to calculate the path MTU. Ping can be used to calculate the path MTU. The key is to use it, not in the standard form, but with two modifiers. One modifier will be used for specifying the packet size and the other to prohibit fragmentation. The packet size must be the real packet size we want to test minus twenty eight. This is because the header of ICMP is eight bytes and the IP header is twenty bytes. How to use the ping command in LINUX to detect MTU problems? In linux the command will be ping -M do -s <size_of_the_package>-28 <IP address> -c 4 Let s say that we want to test if an MTU of 1500 is possible along the path between one machine and another. At the source, we will issue a command like the following.
We are confirming above that it is possible to reach
https://www.linkedin.com/redir/invalid-link- page?url=10%2e64%2e102%2e30 with an MTU of 1500. Let s see if we can increase the MTU size to 1518. The package size to use in that case with the ping command would be 1518-28=1490
We can see that destination is not reachable as
fragmentation would be needed (Frag needed and DF set) Then we can say that this MTU of 1518 bytes cannot be used in this environment. How to use the ping command in Windows? The command is similar to the one in Linux, but the modifiers are different: ping -f -l <size_of_the_package>-28 [destinationIP] Note: -f is the modifier for setting the 'do not fragment bit' So, for testing if a MTU of 1500 is possible between one source machine and a destination machine in Windows, the command to issue would be: ping -f -l 1472 [destinationIP] If there are MTU inconsistencies between two points, it will be needed to be investigated by the network team. We need to ensure that MTUs greater than 1500 are actually supported by the appropriate network equipment along the path.