In-depth analysis of the maximum transmission unit (MTU)

Improper MTU settings may cause many network problems, such as the unavailability of some network applications and the unavailability of some websites. The following are the MTU settings that have been searched online. some of them may not be verified and are for reference only. 1. determine how to determine that the MTU accessed by some ISP may be smaller than the MTU used in general use. if the MTU is too large

Improper MTU settings may cause many network problems, such as the unavailability of some network applications and the unavailability of some websites. The following are the MTU settings that have been searched online. some of them may not be verified and are for reference only.

1. how to determine the network MTU

Some ISP access MTU may be smaller than the conventional MTU. if a too large MTU is set, many services may fail to be used. You can use the ping program to determine the MTU value.

In Windows, you can open a command prompt and use PING-l -F Determine MTU

Ping-l 1400-f www.baidu.com

If the ping is successful, the MTU can be used. you can increase the MTU value until the maximum value is reached. Otherwise, you must decrease the MTU value. Setting the maximum MTU value can effectively improve the network throughput.

Relevant experiments can be seen:

2. common MTU values

MTU may vary depending on the bandwidth connection mode, as shown below:

1) PPPoE/ADSL: 1360-1492

2) pptp vpn: 1400-1460

3) L2TP VPN: 1400-1460

4) Fixed IP: 1400-1500

5) DHCP: 1400-1492

3. modify MTU in Windows

For Windows direct connection, you can modify MTU in the registry:

1) [start]-[run]-[regedit] open the registry

2) choose HKEY_Local_Machine> SYSTEM> CurrentControlSet> Services> Tcpip> Parameters> interface]

3) There may be many options under the interface, one by one, there will be an option IPaddress is the same as the IP address of the current NIC, select Edit> New> DWORD value on the option, create a DWORD named MTU, double-click modify, select decimal, and enter the appropriate MTU value.

4. set MTU in the vro

If you use a vro to share the Internet, you can check whether the vro supports MTU settings. If yes, you can directly change MTU to an appropriate value.

(1) TP-LINK router settings

2) JCG router settings

4. relationship between tcp mss and large packet communication

When users access the Internet using a router, they often report that they cannot access the webpage (or some webpages) and use Outlook to send and receive emails (these applications are based on TCP or UDP ), but there is no problem when you Ping the package. at this time, there is no error in the configuration check. In this case, most of the reason is that a NAT application is performed on the device, and the device performs packet sharding.
An IP packet contains a quintuple, but only the quintuple information (source destination IP address, source destination port number, and protocol number) of the first packet with an ip address is required for partitioning ), the subsequent parts do not retain all the identification information of TCP/UDP packets, such as the port number. in this case, if the device implements the NAT translation operation (during the NAT translation process, and the application is based on TCP/UDP. as a result, packets cannot be correctly grouped and the preceding problem occurs.
When a TCP/IP connection is established, many parameters are negotiated. among them, the tcp mss parameter is used to negotiate the TCP packet size, if the negotiated TCPMSS parameter value is smaller than the MTU value of the device, the TCP packet will not be split on the device. Otherwise, the packet will be split and the above phenomenon will occur, therefore, to avoid the above situation, make sure that the negotiated TCPMSS parameter is smaller than the MTU value of the device. Therefore, the Quidway router has a command to set the TCPMSS value. if this command is configured, when a router device establishes a TCP/IP connection, it modifies the value of TCPMSS in the negotiation message according to the configured value, this value can also be negotiated during the same peer negotiation. if this command is not configured, the router device does not modify the value in the packet (sometimes the value in the negotiation packet sent from the peer device is large, such as 8000 ). Generally, the default or configured MTU value is about 1500. you can set the value of TCPMSS to less than 1500, such as 1400 or 1024.
If the TCPMSS value is set too small, a significant increase in the number of packets will lead to a reduction in efficiency. in particular, it is unnecessary to limit the TCP packet size when no NAT application is configured. due to the complicated application, setting the default TCPMSS value is not particularly appropriate (the device will modify the TCPMSS value when establishing a connection). Therefore, it is better to pay attention to it in the application, this configuration command is also available for Cisco devices.

MTU: maximum Transmission Unit of Maxitum Transmission Unit

MSS: Maxitum Segment Size maximum Segment Size

The abbreviation of the maximum transmission size of MSS is a concept in TCP.
MSS is the maximum data segment that TCP data packets can transmit each time. To achieve optimal transmission performance, TCP usually needs to negotiate the MSS value of both parties when establishing a connection, this value is often replaced by the MTU value when the TCP protocol is implemented (the size of the IP packet header is reduced by 20 Bytes and the packet header of the TCP data segment is 20 Bytes ), both parties will determine the maximum MSS value for this connection based on the MSS value provided by both parties.

Generally, the MTU of Ethernet is 1500, so in Ethernet, the tcp mss is usually 1460.

The specific process of tcp mss negotiation is as follows:
The TCP client sends a SYN packet, in which the option is filled in the MSS field is generally (MTU-IP header size-TCP header size), also after the TCPserver receives the SYN packet, it will send a SYN + ACK packet response, the option is also filled with the mss field (MTU-IP header size-TCP header size); both parties will compare the size of the MSS field in the SYN and SYN + ACK packets, select a smaller MSS as the size of the TCP fragment to be sent.

For networks that involve PPPOE + NAT, IPsec, L2TP, and GRE, clustering is usually required because the packet size is too large, which will reduce the transmission rate. Therefore, selecting an appropriate MSS is important for data transmission. in linux, you can use netfilterIptablesSet TCPMSS.

Iptables-a forward-p tcp--tcp-flags SYN, rst syn-jTCPMSS -- clamp-mss-to-pmtu

The purpose of this rule is to change tcp mss to adapt to PMTU (Path MTU)

Iptables-a forward-p tcp -- tcp-flags SYN, rst syn-jTCPMSS -- set-mss 128

Set MSS to 128

5. set the network interface MTU

1) run the following command to set the MTU of the Linux host interface:

Ifconfig Mtu

2) PPPoE MTU settings can be added to the configuration file

Mtu

Mru

3) NAT automatically sets the MSS value

Iptables-a forward-p tcp -- tcp-flags SYN, rst syn-j TCPMSS -- clamp-mss-to-pmtu