MTU, or Max Transmission Unit, is the maximum payload that can be transmitted over a interface. The payload includes any L3 headers, such as TCP/IP, but excludes layer 2 headers, such as the Ethernet frame header.
In the case of Ethernet, the MTU is commonly 1500 bytes. This means that the TCP/IP packet can be up to 1500 bytes. In addition, there's a Ethernet frame header, so the total Ethernet frame is 1518 bytes as travelling over the wire. With a VLAN tag, this increases to 1522B with a MTU of 1500B.
Common MTU values
For home networks, 1500B is the common value for both Wi-Fi and Ethernet. While the frame is different on Wi-Fi and Ethernet, both are capable of handling a 1500B payload. The maximum for Wi-Fi is 2304B. For Ethernet the largest common size is 9000B, but larger may be used.
Generally, the MTU will be 1500B in Wi-Fi and Ethernet networks, and this should not be changed unless there's compelling reasons to do so - as changing the MTU breaks expected behavior.
PPPoE is a common exception; as PPPoE runs on top of Ethernet, it has to fit in the 1500B frames of Ethernet. The header of PPPoE is 8 bytes, so the useable MTU is 1492B. Note that your local network can run on 1500B MTU even though Internet connection is at 1492B MTU, thanks to path MTU discovery. If a majority of traffic is towards Internet, you can lower MTU, but will not gain significantly by doing so, and may break things in the process because equipment expects MTU to be 1500B.
What problems can be caused by wrong MTU setting
Different MTU in same network
Frames that are larger than the MTU will be silently discarded by the network card. If you have dissimilar MTU, this means that one host may send frames that other hosts on the network can't receive. The behavior can be strange.
For instance logins and ssh may work fine, as ssh sends many small packets to reduce latency, but scp may fail because scp uses larger packets as it transmits a file, not screen content or keypresses and doesn't have to wait for data. Tools such as ping will probably not indicate errors as well with default payload size.
It can also be expirienced that connections works in one direction, but not the other. SCP may work when copying data from host A to host B, but fail when attempting to copy from host B to host A.
The consequence is that MTU mismatch can be hard to diagnose if you don't recognize the symptoms and are paranoid enough to check and verify the MTU settings...
Every computer on the same broadcast segment should have the same MTU setting. This includes situations where there's different access technologies in the same L2 system, for instance WiFi and Ethernet.
How can you find the MTU for a network?
You can't. There's no mechanism in Layer 2 Ethernet to report MTU. If the packet is too large, it's not received by the recipient - but the lack of reply can have other reasons apart from wrong MTU.
As admin, you have to ensure that all devices on the same Layer 2 segment has the same MTU setting. This should always be 1500 bytes for Ethernet and WiFi, unless you have reasons for a different setting.
Between networks (e.g. where packets are routed), you can discover path MTU using tracepath example.org - but this will only tell you what hosts believe they can use. If a host is wrongly configured, it will fail.
MTU changes between networks
Where networks change transport interfaces, MTU changesmay happen. One case where this happens is the ADSL interfaces with PPPoE. As Ethernet has 1500B payload, and PPP eats 8 bytes, we end up with 1492B payload on the PPPoE interface. In this case the break happens at a routed interface, so TCP/IP packets can be fragmented, or Path MTU discovery will adjust the Maximum Segment Size, which is a related concept for TCP/IP.
If an too large packet is received and to be forwarded to an interface it can't fit on, one of two things can happen:
- If the Don't Fragment bit (DF) (IPv4) is set, it will be dropped and the sender will be made aware of that it's too big.
- If the DF is not set, the packet will be fragmented and sent as two fragments.
With the break in MTU created by PPPoE, it's at a routed boundary. The PPP interface created from the PPP link is not in the same L2 domain as any Ethernet interface.
What's Path MTU Discovery
PMTUD is a technique for discovering the MTU of a given path. Note that it relies in ICMP, which may be blocked on some networks.
Path MTU detection will however not work if different devices on the same network have differing MTU values. It relies on devices receiving a packet with the Don't Fragment bit set, but too large to fit over target link. However, if there's a mismatch, it may fit on the target link - but not to be received by the destination if the destination has a lower MTU.
What's MSS?
Maximum Segment Size is a field in the TCP/IP header. It specifies how large payload is allowed, and holds an function related to MTU. It is however not MTU.
In addition TCP/IP has mechanisms for adjusting MSS. It can vary depending on communication partner, and can vary for the same TCP/IP stream.
What can set MTU?
Broadly speaking three things can set MTU on physical interfaces:
- Standard setting, e.g. 1500B for Ethernet and Wi-Fi
- User changes default
- DHCP or IPv6 RA sets MTU
It can not be set dynamically depending on communication partner.
MTU on Linux
While this is written for Ubuntu, this is common to all Linux modern Linux distros.
The command ip link can be used to show the MTU:
$ ip link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: enp0s31f6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
link/ether aa:bb:cc:dd:ee:ff brd ff:ff:ff:ff:ff:ff
Here we can see that MTU of the loopback interface is 65536B, and 1500B for enp0s31f6, which is a Ethernet interface.
It can be set using ip link set dev <interface> mtu <value>, where <interface> is the interface name. ip link set dev enp0s31f6 mtu 1400 would set the MTU of emp0s31f6 to 1400 bytes.
Should I change it?
Generally speaking, no. If you need to change it you're probably aware of how to do it, and why you need to do it. The main case would be to increase it for high speed networks, such as 10Gb Ethernet and faster.
I've worked with networks for a number of years, and I have yet to see a general purpose network with a MTU not set to 1500B. The value is too well entrenched on Ethernet and Wi-Fi, and changing it outside specialized environments such as Data center networks will break with expected behavior.
Jumbo Frames
With the advent of higher network speeds, the overhead from inter-frame-space and header has became more notable. Common size in such cases are 9000B MTU, and this may be required to reach line speeds.
Other sizes are in use as well for various special purposes, to accomodate payloads such as MLPS or match page size in virtualized systems. This however falls in the category of specialized networks.
(Note: I'm aware of the fact that Ethernet is generally specified in Octets, not bytes. However, one byte = one octet. I've used byte in this answer, to avoid confusion.)
