↪️
ccie.nyquist.eu
  • Table of Contents
  • Layer 2 Technologies
    • Ethernet Switching
      • L2 Switch Operations
      • Spanning Tree
        • 802.1d – STP
        • 802.1w – RSTP
        • 802.1s – MSTP
      • VTP 101
      • Private VLANs
      • VLANs
      • EtherChannel 101
    • Layer 2 WAN Protocols
      • HDLC
        • HDLC 101
      • PPP
        • PPP 101
        • PPP Authentication - PAP
        • PPP Authentication – CHAP
        • PPP Authentication – EAP
        • PPP Multilink
        • PPPoFR – PPP over Frame Relay
        • PPPoE – PPP over Ethernet
      • Frame Relay
        • Frame Relay 101
        • Frame Relay 102
        • Frame Relay Encapsulations – IETF vs Cisco
        • Multilink Frame Relay
        • Frame Relay Switching
        • Routing over Frame Relay
      • Bridging
        • Bridging on a router
        • MTU 101
    • Wireless
      • Wireless Principles
      • Wireless Implementations
      • Wireless Roaming
      • Wireless Authentication
        • WPA2 PSK
        • WPA2 802.1X
  • IPv4
    • IPv4 Addressing
      • Backup Interfaces
      • FHRP 101
      • DHCP 101
      • DNS 101
      • ARP 101
      • IPv4 101
      • Tunnel Interfaces
        • GRE Tunnels
      • BFD – Bidirectional Forwarding Detection
    • IPv4 Routing
      • How the routing table is built
        • How CEF works
        • Routing Order of Operations
        • NSF – Non Stop Forwarding
      • RIP
        • RIP 101
      • EIGRP
        • EIGRP 101
        • EIGRP Metric
        • More EIGRP Features
      • OSPF
        • OSPF 101
        • OSPF Areas
        • OSPF LSAs
        • OSPF Mechanics
      • IS-IS
        • IS-IS 101
        • IS-IS Mechanics – CLNP
      • BGP
        • BGP 101
        • BGP Attributes
        • More BGP
      • Route Redistribution
      • Policy based Routing
      • PfR 101 – Perfromance Routing
      • ODR
  • IPv6
    • IPv6-101
    • IPv6 Routing
    • Interconnecting IPv6 and IPv4
  • MPLS
    • MPLS 101
    • MPLS L3 VPN
  • Multicast
    • Multicast 101
    • PIM 101
    • IGMP 101
    • Inter Domain Multicast
    • IPv6 Multicast
    • Multicast features on switches
  • Security
    • NAT 101
    • NAT for Overlapping Networks
    • ACLs 101
    • ACLs 102
    • Cisco IOS Firewall
    • Zone Based Firewall
    • AAA 101
    • Controlling CLI Access
    • Control Plane
    • Switch Security
      • Switchport Traffic Control
      • Switchport Port Security
      • DHCP Snooping and DAI
      • 802.1x
      • Switch ACLs
    • IPSec VPN 101
      • IKE / ISAKMP 101
      • IPSEC Crypto Maps 101
      • IPSEC VTI 101
      • DMVPN 101
    • EAP 101
  • Network Services
    • NTP 101
    • HTTP 101
    • File Transfer 101 – TFTP & FTP
    • WCCP 101
  • QoS
    • QoS 101
    • Classification and Marking
    • Congestion Management
      • Legacy Congestion Management
      • SPD – Selective Packet Discard
      • CBWFQ
      • IP RTP Priority
    • Congestion Avoidance – WRED
    • Policing and Shaping
      • CAR 101
    • Compression and LFI
      • Header and Payload Compression
      • LFI for MultiLink PPP
    • Frame Relay QoS
      • Per VC Frame Relay QoS
    • RSVP 101
    • Switching QoS
  • Network Optimization
    • NetFlow 101 – TNF – Traditional NetFlow
    • NetFlow 102 – FNF – Flexible NetFlow
    • IP SLA 101
    • IP Accounting 101
    • Logging 101
    • SNMP and RMON 101
    • Cisco CLI Tips and Tricks
    • AutoInstall
    • Enhanced Object Tracking
    • Troubleshooting 101
    • SPAN, RSPAN, ERSPAN
  • Network Architecture
    • Hierarchical Network Architecture
    • SD Access
    • SD WAN
Powered by GitBook
On this page
  • On a router
  • Layer 2 – mtu
  • Layer 3 – ip mtu
  • Layer 4 – ip tcp mss
  • On a switch
  • Layer 2 – system mtu
  • Layer 3 – system mtu routing
  • When to worry about MTU

Was this helpful?

  1. Layer 2 Technologies
  2. Layer 2 WAN Protocols
  3. Bridging

MTU 101

MTU stands for Maximum Transmission Unit. This is the amount of data that can be transmitted by one protocol. MTU is used at every layer of the OSI stack, but it’s value is closely related to the layer/protocol.

On a router

Layer 2 – mtu

On a router, the mtu command applied on an interface defines the value of the L2 payload. This means how much data a L2 frame can contain, without the L2 header or trailer. By default, this value is 1500 Bytes on Serial and FastEthernet interfaces, but it can be changed with:

R(config-if)# mtu BYTES
! Default: 1500

To see the current value used as the L2 MTU, use:

R# show interface INTERFACE | i MTU
  MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec,

As you will see in the next section, on a Cisco device the mtu and the ip mtu values refer to the same portion of a packet. The value defined for the L2 MTU is closely related to the value defined for the L3 MTU because the L3 MTU can’t be larger than the L2 MTU. When setting the L2 MTU to a value lower than L3 MTU, the L3 MTU also changes. When setting the L3 MTU you can’t set a value larger than L2 MTU, but it can be lower. The L2 MTU doesn’t change. When a router receives a frame that is larger than the L2 MTU (comparing only the L2 payload), the packet is dropped.

Layer 3 – ip mtu

On a router, the ip mtu command applied on an interface defines the size of the L3 packet, including its headers. As you can see, this represents the same portion as the one used as the L2 MTU. By default, the L3 MTU value for Serial or FastEthernet connections is 1500 Bytes, same as the default L2 MTU. You can change it with:

R(config-if)# ip mtu BYTES
! Default: 1500

To see the current value used as the L3 MTU, use:

R# show ip interface INTERFACE | i MTU
  MTU is 1500 bytes

If you need to send L3 packets that are larger than the IP MTU, fragmentation occurs. The router will split the original packets in packets that can be accommodated by the L3 MTU size. Well, this works as long as the packet doesn’t have the DF(Don’t Fragment) bit set. If such a packet arrives and the L3 MTU is smaller than the packet size, then the packet is dropped and an ICMP message is generated (packet too big)

Layer 4 – ip tcp mss

On a router, the MSS (Maximum Segment Size) represents the MTU value for TCP – How much data can a TCP packet contain. This value is negotiated during TCP handshake and is chosen as the smallest value configured on the sender or the receiver. When a Cisco Router is a sender or a receiver, it uses a MSS value of 1460 Bytes for local destinations (same subnet) and 536 bytes for remote destinations. This value can be changed with:

R(config)# ip tcp mss BYTES

When a router is neither the sender, nor the receiver it can intercept TCP packets and modify the MSS value to prevent dropping larger packets than the network would accept. To enable this, use:

R(config)# ip tcp adjust-mss BYTES

On a switch

Layer 2 – system mtu

On a switch you can’t configure individual MTU values for every port. Instead, a global MTU value is configured that is used on all ports. This value only changes when the router reloads. The definition for the L2 MTU is the same as for routers and has the same default value: 1500 Bytes. It can be changed with:

Sw(config)# system mtu BYTES
! Default 1500. Max:1998. Requires reload

When a switch receives frames that are larger than the L2 MTU, it drops them.

Sw# show system mtu
System MTU size is 1500 bytes
System Jumbo MTU size is 1550 bytes
Routing MTU size is 1500 bytes.

Layer 2 – system mtu jumbo

For Gigabit interfaces, the value for Jumbo MTU is used. To configure the switch to support Jumbo frames on Gigabit ports, use:

Sw(config)# system mtu jumbo BYTES
! Default 1500. Max: 9000. Requires reload

If a switch receives frames larger than the JUMBO MTU, it drops them. If a switch receives a frame larger than the L2 MTU, but smaller than the JUMBO MTU, it will still drop them if they are destined for a FastEthernet port, regardless of the port they were received on.

Sw# show system mtu
System MTU size is 1500 bytes
System Jumbo MTU size is 1550 bytes
Routing MTU size is 1500 bytes.

Layer 3 – system mtu routing

This value represents the L3 MTU size and can’t be bigger than the L2 MTU size. If the L2 MTU size is set lower than the L3 MTU size, the L3 MTU size will also change after reload. This value is also used by OSPF when advertising its MTU. To change it, use:

R(config)# system mtu routing BYTES
! Default 1500. Doesn't require reload

To verify, use:

Sw# show system mtu
System MTU size is 1500 bytes
System Jumbo MTU size is 1550 bytes
Routing MTU size is 1500 bytes.

When to worry about MTU

Usually, the default MTU size is not modified, unless the devices work in an environment where additional encapsulation is used. Additional encapsulation occurs in the following situations:

  • L2 frames encapsulated in other L2 frames

    • PPPoE: the L3 MTU of the PPPoE interface should be set to 1492.

    • Q-in-Q Tunneling: The L2 MTU should be set to 1504

  • L3 packets are encapsulated in other L3 packets

    • GRE Tunneling: Adds 24 Bytes to the IP Header, so when crafting packets, the router will limit the L3 size to MTU-24 Bytes, in order to accomodate the packets on the network. Fragmentation may occur

    • Other L3 Tunnels

  • MPLS – adds 4 bytes for each label. For MPLS L3 VPN, there are 2 labels, so 8 Bytes. E.g. if L2 MTU is 1500, L3 packets larger than 1492 Bytes will be fragmented (or dropped). Some hardware allow you to set an MPLS MTU that is larger than L2 MTU, in order to reduce fragmentation. (See Baby Giants)

The problems are not always obvious because only packets that are very close in size to the maximum MTU, when adding extra encapsulation will become larger in size than the allowed MTU. Usually, normal pings are smaller and don’t get dropped. A better way to test it is to use large ping packets with the DF bit set:

R# ping IP-ADDR size 1500 df-bit

Actually, this is the method used by the Path MTU Discovery (PMTUD) process. In order to avoid fragmentation, which adds additional delay, a host that supports PMTUD can discover what is the largest MTU on the path to the destination, and only send packets large enough not to be fragmented or dropped. You can enable this functionality when a router is the sender with:

R(config)# ip tcp path-mtu-discovery [age-timer TIMER|infinite]
PreviousBridging on a routerNextWireless

Last updated 3 years ago

Was this helpful?