Penguin

Acronym for Maximum Transmittion Unit.

The size of the largest packet that can be sent over a link. For Ethernet and PPP this is usually 1500. The minimum MTU you should ever use is 576. The maximum MTU for IPv4 is 65535, used in some gigabit Ethernet configurations. Since tunneling protocols such as PPP require a few bytes of overhead per packets, the MTU on their link is usually slightly lower than 1500. Many ADSL MoDems use 1470 here.

Each packet requires overhead: it needs a header containing addresses, port numbers, TTL, flags, etc. Therefore, larger packets equal better use of the bandwidth. If the MTU is smaller than necessary, more packets than necessary will be sent. However, with an MTU set high, if packets have to be routed through a link with a smaller MTU, they'll need to be fragmented, ie broken into smaller packets. F.ex, when sending 1500 byte Ethernet packets through a 1470 byte MTU PPP link, the end of every packet will be broken into a tiny 30-byte fragment.

The TCP/IP stacks in Linux and most other recent OperatingSystems use a clever system called path MTU discovery to address this problem. The MTU for a new connection is set low, but gradually increases, while the packets are sent with the don't fragment flag set. When the MTU grows beyond the smallest MTU of any link anywhere in the route, the responsible gateway will refuse to route the packets because they're too large to send them without fragmenting them but it's not allowed to do that. Instead, it will notify the source host with a Need to fragment, but don't fragment is set ICMP message. At this point the sending host knows the maximum fragmentation-free MTU size it can use on this connection, which is the most bandwidth-efficient size for packets.

Unfortunately, some particularly clueless SysAdmins ignorantly block any and all ICMP packets from passing through their gateways without fully understanding why ICMP is an important part of IP, and/or without thinking of the consequences. Banks seem to be a major transgressor here.

Another cause of MTU-related brokenness is routers that need to send ICMP packets but are using private non-routable IP addresses.

See also: