MTU 101
MTU stands for Maximum Transmission Unit. This is the amount of data that can be transmitted by one protocol. MTU is used at every layer of the OSI stack, but it’s value is closely related to the layer/protocol.
On a router
Layer 2 – mtu
On a router, the mtu command applied on an interface defines the value of the L2 payload. This means how much data a L2 frame can contain, without the L2 header or trailer. By default, this value is 1500 Bytes on Serial and FastEthernet interfaces, but it can be changed with:
To see the current value used as the L2 MTU, use:
As you will see in the next section, on a Cisco device the mtu and the ip mtu values refer to the same portion of a packet. The value defined for the L2 MTU is closely related to the value defined for the L3 MTU because the L3 MTU can’t be larger than the L2 MTU. When setting the L2 MTU to a value lower than L3 MTU, the L3 MTU also changes. When setting the L3 MTU you can’t set a value larger than L2 MTU, but it can be lower. The L2 MTU doesn’t change. When a router receives a frame that is larger than the L2 MTU (comparing only the L2 payload), the packet is dropped.
Layer 3 – ip mtu
On a router, the ip mtu command applied on an interface defines the size of the L3 packet, including its headers. As you can see, this represents the same portion as the one used as the L2 MTU. By default, the L3 MTU value for Serial or FastEthernet connections is 1500 Bytes, same as the default L2 MTU. You can change it with:
To see the current value used as the L3 MTU, use:
If you need to send L3 packets that are larger than the IP MTU, fragmentation occurs. The router will split the original packets in packets that can be accommodated by the L3 MTU size. Well, this works as long as the packet doesn’t have the DF(Don’t Fragment) bit set. If such a packet arrives and the L3 MTU is smaller than the packet size, then the packet is dropped and an ICMP message is generated (packet too big)
Layer 4 – ip tcp mss
On a router, the MSS (Maximum Segment Size) represents the MTU value for TCP – How much data can a TCP packet contain. This value is negotiated during TCP handshake and is chosen as the smallest value configured on the sender or the receiver. When a Cisco Router is a sender or a receiver, it uses a MSS value of 1460 Bytes for local destinations (same subnet) and 536 bytes for remote destinations. This value can be changed with:
When a router is neither the sender, nor the receiver it can intercept TCP packets and modify the MSS value to prevent dropping larger packets than the network would accept. To enable this, use:
On a switch
Layer 2 – system mtu
On a switch you can’t configure individual MTU values for every port. Instead, a global MTU value is configured that is used on all ports. This value only changes when the router reloads. The definition for the L2 MTU is the same as for routers and has the same default value: 1500 Bytes. It can be changed with:
When a switch receives frames that are larger than the L2 MTU, it drops them.
Layer 2 – system mtu jumbo
For Gigabit interfaces, the value for Jumbo MTU is used. To configure the switch to support Jumbo frames on Gigabit ports, use:
If a switch receives frames larger than the JUMBO MTU, it drops them. If a switch receives a frame larger than the L2 MTU, but smaller than the JUMBO MTU, it will still drop them if they are destined for a FastEthernet port, regardless of the port they were received on.
Layer 3 – system mtu routing
This value represents the L3 MTU size and can’t be bigger than the L2 MTU size. If the L2 MTU size is set lower than the L3 MTU size, the L3 MTU size will also change after reload. This value is also used by OSPF when advertising its MTU. To change it, use:
To verify, use:
When to worry about MTU
Usually, the default MTU size is not modified, unless the devices work in an environment where additional encapsulation is used. Additional encapsulation occurs in the following situations:
L2 frames encapsulated in other L2 frames
PPPoE: the L3 MTU of the PPPoE interface should be set to 1492.
Q-in-Q Tunneling: The L2 MTU should be set to 1504
L3 packets are encapsulated in other L3 packets
GRE Tunneling: Adds 24 Bytes to the IP Header, so when crafting packets, the router will limit the L3 size to MTU-24 Bytes, in order to accomodate the packets on the network. Fragmentation may occur
Other L3 Tunnels
MPLS – adds 4 bytes for each label. For MPLS L3 VPN, there are 2 labels, so 8 Bytes. E.g. if L2 MTU is 1500, L3 packets larger than 1492 Bytes will be fragmented (or dropped). Some hardware allow you to set an MPLS MTU that is larger than L2 MTU, in order to reduce fragmentation. (See Baby Giants)
The problems are not always obvious because only packets that are very close in size to the maximum MTU, when adding extra encapsulation will become larger in size than the allowed MTU. Usually, normal pings are smaller and don’t get dropped. A better way to test it is to use large ping packets with the DF bit set:
Actually, this is the method used by the Path MTU Discovery (PMTUD) process. In order to avoid fragmentation, which adds additional delay, a host that supports PMTUD can discover what is the largest MTU on the path to the destination, and only send packets large enough not to be fragmented or dropped. You can enable this functionality when a router is the sender with:
Last updated