What is MTU in OSI networks

MTU - Maximum Transfer Unit

The TCP / IP protocols divide the data that come from the applications into small packets before they are then passed on to a transmission system. Since every transmission system works with a different packet size or packet length, an adjustment must always be made. The MTU specifies the maximum IP packet length / size for a specific network type or a transmission system. In general, the MTU is limited by the network. But it can be smaller. The smaller it is, the greater the fragmentation of the user data (MSS, Maximum Segment Size).

Difference: MTU and MSS

The term MSS (Maximum Segment Size) is often used in connection with MTU. One must not confuse the two. They are directly related. The MTU indicates the size of the complete TCP / IP packet. The MSS only specifies the space for the user data in the TCP / IP packet. The IP header and TCP header are usually 20 bytes each if the Options header fields are not used. So together at least 40 bytes.

Fragmentation

IP takes on the task of dividing the data packets into smaller units for the network interface, if necessary. This process is called fragmentation. It is an essential part of the Internet Protocol (IP). There are hardware-dependent values ​​for the MTUs that differ depending on the network type.

Reasons for the fragmentation

  • Establishing the compatibility of different hardware, software, protocols and transmission systems
  • Measure to reduce errors
  • Limitation of the access time and thus increasing the fairness of access to the transmission medium

Examples for MTU and MSS (with TCP / IP)

Network typeMTUMSS
IEEE 802.3 (PPPoE implementation / DSL) ≤ 1,492 bytes1,452 bytes
Ethernet (V2 frame format)1,500 bytes1,460 bytes
WLAN (IEEE 802.11)2,312 bytes 
Token Ring (4 Mbit / s)4,464 bytes 
Token Ring (16 Mbit / s)17,914 bytes 
X.25 / analog modem connections576 bytes536 bytes
min.MTU IPv468 bytes 
min.MTU IPv61,280 bytes 

The length / size of an IP packet must be strictly adhered to according to the valid MTU, otherwise the data cannot be transmitted. Incorrectly set MTU values ​​can also cause sporadic transmission problems. This should be taken into account when troubleshooting IP networks.

Calculation example

1460 bytes of user data (transport layer) + 20 bytes of TCP header (transport layer) + 20 bytes of IPv4 header (network layer) -------------------------- --------------------- = 1500 byte MTU (user data from Ethernet) + 14 byte data link header (data link layer) + 4 byte frame check sequence (FCS) - --------------------------------------------- = 1518 bytes Ethernet- Frame

Functional flow of fragmentation

The IP protocol takes the data packets from the higher-level transport layer and divides them into smaller units. Each data packet is then preceded by an IP header.

Together with the IP header, the IP data packet consists of the number of bytes specified under the MTU. The IP protocol on the receiving end takes the IP packets and sets them back to their original state. To do this, the fragmentation data is read from the IP header. The more flag (MF) is used to mark whether an IP packet contains a data segment for a data block. If this flag is set, the IP protocol has to wait until all parts have arrived. If the More flag is not set, the data of the received IP packet is not fragmented or it is the last part of the data block. In addition to the More flag, information on the position of a piece of data is also sent. The fragment offset field in the IP header is used for this.
Once all the data sections have arrived, the data block is put together and transferred to the higher-level protocol.

Fragmentation problems

In principle, each data segment is preceded by an additional IP header. If the MTU changes several times on the way to the destination, the data packet is fragmented anew each time, although it may have already been fragmented. Not only is the fragmentation very time-consuming and computationally expensive, the ratio between header and user data is also becoming increasingly unfavorable. The smaller the MTU, the greater the administrative share of the transmission capacity of a data packet. At some point the IP header eats up the effective transmission capacity of a network connection. In addition, the network connection is vulnerable to small data blocks. The lack of a fragmented IP packet can seriously disrupt a network connection. If an IP packet is lost (e.g. after about 30 to 40 seconds of non-arrival), the entire data block is discarded.

Problem: A certain server cannot be reached

A certain server cannot be reached via a DSL connection. Assuming there are no problems with DNS and the server is actually connected to the network, then the problem may have something to do with the Maximum Transfer Unit (MTU).

The reason: With DSL (connection via DSL modem with PPPoE) the MTU is limited to 1,492 bytes. However, the PC sees the local network via Ethernet with an MTU of 1,500 bytes. This MTU is used to calculate the maximum segment size (MSS) for the data packets, which is also communicated to the remote server. It can happen that the remote server sends packets that are too large for the PPPoE connection. Since almost all transmission systems prevent fragmentation (DF bit in the IP header), the routers report via ICMP on the way to the sender that the packet was too large. On the target server, however, an incorrectly configured firewall is preventing the server from receiving the ICMP message. And that's why he always tries to send packages that are too large. But unfortunately the firewall prevents communication via ICMP. Of course, a connection is never established in this way.

To eliminate the problem, the firewall on the target server should be configured correctly. Alternatively, you can reduce the MTU for the affected clients. At least with DSL, an MTU of 1,492 bytes is a practicable size. In general, however, a firewall should let ICMP packets through and the user should keep his hands off the MTU.
With transmission systems, especially with IPsec VPN, you may have to experiment until you have set the correct MTU for the network and the clients.

In principle, it would be an advantage if MTU were chosen correctly right from the start. This would speed up the establishment of the connection and avoid unnecessary or too small packets. The MTU should not be set manually because the IP stack determines this value for each connection with Path MTU Discovery itself.

Path MTU Discovery / MTU and IPv6

Data packets that are too large are no longer fragmented by IPv6 routers. If a package is too big, an error message is sent to the sender (MTU Size Error Feedback). This then has to adjust the maximum packet length (MTU - Maximum Transmissin Unit). This procedure is called Path MTU Discovery and also exists in a similar form in IPv4. The Don't-Fragment-Flag (DF) must be set there in the data packet. If this method was optional in IPv4, it is mandatory in IPv6. If a data packet is lost or fragmentation errors occur, the Path MTU Discovery fails. In IPv4, the MTU was then reduced to 68 bytes. This led to a higher number of packets and an uneconomical protocol overhead. IPv6 has the smallest adjustable MTU of 1,280 bytes. This means that the routers are no longer burdened unnecessarily. Of course, packets smaller than 1,280 bytes can also be transmitted.

Determine the optimal MTU manually (Linux)

The following command can be used to determine the optimal MTU:

ping -c 1 -s $ ((1512-28)) -M do www.elektronik-kompendium.de

The following error message should be output: "ping: local error: Message too long, mtu = 1500"
This means that the optimal MTU should be 1,500 bytes long. Then you try again.

ping -c 1 -s $ ((1500-28)) -M do www.elektronik-kompendium.de

As a result, the ping should have been successful: "1 packets transmitted, 1 received, 0% packet loss, ..."

Note: If the destination address is different, another MTU may be optimal.

Other related topics:

Everything you need to know about IPv6.

Collection: IPv6

A PDF file of all articles on Internet Protocol Version 6 from this website. The compilation takes into account the introduction to the basics of IPv6 with detailed descriptions and numerous tables and figures. Learn more about the possibilities and relationships in the IPv6 network.

More information and to download

Everything you need to know about networks.

Network technology primer

The network technology primer is a book about the basics of network technology, transmission technology, TCP / IP, services, applications and network security.

I want that!

Everything you need to know about IPv6.

Collection: IPv6

A PDF file of all articles on Internet Protocol Version 6 from this website. The compilation takes into account the introduction to the basics of IPv6 with detailed descriptions and numerous tables and figures. Learn more about the possibilities and relationships in the IPv6 network.

More information and to download