Maximum Transmission Unit (MTU)

In networking, MTU (Maximum Transmission Unit) is the largest size of a packet or frame, specified in octets (eight-bit bytes), that can be sent in a single network layer transaction.

Think of it like the height limit on a highway bridge: if a truck is too tall to fit under the bridge, it either has to find a different route or break the load into smaller pieces to pass through.

How MTU Works

Most networks, including the internet, primarily use Ethernet, which has a standard MTU of 1500 bytes. This means that any single packet sent from your computer cannot exceed this size without being modified.

A standard packet consists of:

• The Payload –  The actual data being sent (e.g., part of an image or a snippet of an email).

• The Headers – The “envelope” information (IP and TCP headers) that tells the network where the data is going.

Fragmentation

When a packet encounters a network link with an MTU smaller than its current size, the router must perform fragmentation. The router breaks the packet into smaller pieces, each with its own header, so they can fit through the restricted “pipe.”

While this ensures the data arrives, it creates overhead:

1. Increased CPU Usage: Routers must work harder to slice the data.

2. Latency: The receiving device must wait for all fragments to arrive and reassemble them.

3. Risk of Loss: If just one fragment is lost, the entire original packet must be retransmitted.

Why MTU Should Matter To You

If you are managing network equipment, specifically firewalls or VPN tunnels, MTU mismatches are a common “silent killer” of connectivity.

• The “Black Hole” Effect – If a device has Path MTU Discovery (PMTUD) disabled or a firewall drops the necessary ICMP messages, a packet that is too large will simply be dropped without notifying the sender. To the user, this looks like a website that “hangs” halfway through loading.

• MSS Clamping – To avoid fragmentation in VPNs, engineers often use MSS (Maximum Segment Size) Clamping. This tells the two talking devices to limit their data chunks right at the start of the connection so the final packet (data + headers) never exceeds the MTU of the tunnel.

To find the optimal MTU for your network, you can use a ping sweep method. This involves sending ping packets of varying sizes and telling the network not to fragment them. If the packet is too large, the network will return an error.

The Testing Process

You will use the ping command with two specific flags:

• -D: Sets the “Don’t Fragment” (DF) bit.

• -s: Specifies the size of the packet payload.

1. Open Terminal.

2. Start with the standard size (1472 bytes) by running: ping -D -s 1472 google.com (Note: We use 1472 because 28 bytes are reserved for the IP and ICMP headers. $1472+28=1500$.)

3. Analyze the result:

   • Success: If you get a reply, your MTU is at least 1500.

   • Failure: If you see ping: sendto: Message too long, the packet is too big.

Finding the “sweet spot”

If 1472 failed, decrease the number by 10 or 20 until the pings pass, then slowly increase it by 1 until you find the highest number that works.

Example Calculation: If the highest successful payload size you found was 1464, your optimal MTU is: