MTU Troubleshooting on Cisco IOS

(Alberto s) #21

Hi Rene, I’m confused. What is the difference between MTU and windows size? I hope my questions doesn’t estupit.

(Rene Molenaar) #22

Hi Alberto,

It’s a good question, these are confusing topics. The window size is used by TCP between hosts to tell each other how many bytes to send. Take a look at this post:

I think that will help.


(Rene Molenaar) #23

Hi Thomas,

  1. That’s right, the MSS can be different on each side. It’s not synchronized between hosts.

  2. It’s probably redundant if you use TCP traffic yes, adjusting the MSS will prevent fragmentation. What about other traffic like UDP? I would set both the MTU and adjus MSS on the interface

  3. MPLS MTU is similar to IP MTU, it’s for labeled packets. Each MPLS header is 4 bytes, normally you’ll have two MPLS headers…one for the transport label and one for the VPN label so that’s 8 bytes of overhead.


(adil k) #24

HI Rene,

what about fragmentation issue’s when dealing with nat interface, something to do with ip virtual interface seeing high number of fragmentations?. How do you notify or investigate if and what the mss/mtu needs to be changed to? thanks

(Rene Molenaar) #25

Hi Adil,

When a NAT router receives fragmented packets then it might have to reassemble them so it can check L4 information that is required for translation. Once it is translated, it’s possible that the router has to fragment the packet again so it can be forwarded (if the MTU on one of its own interfaces is too small).

I would first try to figure our where your fragmented packets come from…you can do this with an access-list, make it match on fragments and then check which IP addresses send them.


(adil k) #26

Thank you Rene, Appreciated once again :slight_smile:

(adil k) #27

Hi Rene,

how about a gre tunnel? what should be the mtu size and mss? btw hope your well :slight_smile:

(Rene Molenaar) #28

Hi Adil,

I’m doing good, hope you as well :slight_smile:

GRE encapsulation adds 4 bytes of additional overhead so the mtu and tcp mss will be 4 bytes smaller.

Besides GRE, there’s MPLS labels, IPSEC Tunnel/Transport/AH/ESP with all kinds of different values :slight_smile:


(Davis W) #29

Hi Rene,

I abit confusing, If we set the Router interface MTU to 1400 bytes, and the host sending the packet more than 1400 bytes, the router will know the packet more than 1400 and start fragment it. But once fragment it, the packet will still able to reach to the destination right? Why it will cause the connection extremely slow or event some of the content not able to open at all?

And by increase the router MTU for backbone connected each other, will it have any benefit like improve the bandwidth or speed up the connection?

And both MTU between router and host connected must be match? It can be higher at Router and lower at Host?


(Rene Molenaar) #30

Hi Davis,

If the packet is too large then yes, the router will fragment the packet and forward the fragments. Fragmentation however can be a bad idea since it will increase your CPU load. For this reason, some routers disable fragmentation which means your packet will be dropped instead.

On high bandwidth links, a higher MTU will increase your bandwidth. A good example are jumbo frames for ethernet which allow 9000 bytes of payload. There are some benchmarks online if you want to see the difference.

The MTU doesn’t have to be match, it can be different depending on the interface you are using.


(Davis W) #31

Hi Rene,

Example if the PPPOE using, there’s additional 8 bytes will added on top of the 1500 bytes (1460+20+20) which is 1508 bytes, so standard Ethernet MTU router interface is 1500 can be received, so in this case, the router will start fragment it to 2 or more segment in order to reach the destination? Am i right?

Same to GRE Tunnel 1500 Bytes (1460+20+20) + 24 Bytes which is 1524 Bytes, again packet will start fragment?

Above scenario, if we don’t specify the lower IP MTU to 1492 for PPPOE and 1476 for Gre Tunnel in the router interface, then it will still fragment when the packet more than 1500 bytes right? Then why we need to specify the IP MTU to tell the router when to fragment the packet since it will still fragment when more than 1500 bytes?


(Rene Molenaar) #32

Hi Davis,

The hardware MTU of the interface is the maximum packet length that the interface can support. If you send something that the interface MTU can’t handle, it will be dropped. It won’t be fragmented.

The IP MTU determines when to fragment an IP packet. Typically we configure it the same as the interface MTU so that it does do fragmentation when required.

The router will fragment these packets but only if your IP MTU setting matches the interface MTU. Otherwise it will not fragment it, try to forward it and then it will be dropped.


(Ahmad D) #33

Hi Rene,

if the medium is capable to carry MTU of 1500 but we configure the interface to be less than that such as you used in the example to be 1400 but you worked out by adjusting the MSS and got it working with no issues. My question is there any impact for that vs using full capacity of the medium ? And what are the circumstances that we use such lower value of MTU ? THX

(Andrew P) #34

There are several circumstances where it would be best to set the MTU to be lower than what the medium is capable of supporting. Your goal is still to use as much as possible, but sometimes it is up to the administrator to adjust for how the network is setup. An example of this would be IPSEC VPNs. In both Tunnel and Transport modes of IPSEC, additional headers are added on to the packet. If you don’t account for these, it is possible that the router would have to start fragmenting the packets. Fragmenting in a VPN scenario can really spike the CPU utilization of the router which will ultimately reduce your throughput capability.

Another example would be tunneling: like GRE or DMVPN. Each of these technologies add overhead to packets, so the MTU should be adjusted as to avoid fragmentation.

(Ahmad D) #35

Great answer. Thank you

(Davis W) #36

Hi Rene,

System MTU size is 1500 bytes
System Jumbo MTU size is 9158 bytes
System Alternate MTU size is 1500 bytes
Routing MTU size is 1500 bytes

What is the different system MTU size and System Jumbo MTU size?

If we set the system Jumbo MTU size to 9158, means we can handle more than 1500 bytes even the system MTU size set to 1500 bytes?


(Rene Molenaar) #37
SW1#show system mtu 

System MTU size is 1504 bytes
System Jumbo MTU size is 9000 bytes
System Alternate MTU size is 1504 bytes
Routing MTU size is 1504 bytes
SW1#show interfaces FastEthernet 0/1 | include MTU
  MTU 1504 bytes, BW 10000 Kbit, DLY 1000 usec, 
SW1#show interfaces GigabitEthernet 0/1 | include MTU
  MTU 9000 bytes, BW 10000 Kbit, DLY 1000 usec, 


(Davis W) #38

Hi Rene,

Got it. Thanks :slight_smile:


(Networklessons Admin) split this topic #39

19 posts were merged into an existing topic: MTU Troubleshooting on Cisco IOS

(Davis W) #40

Hi Rene,

As you mention the interface MTU for both end doesn’t need to be same.

If let say R1 with interface MTU 9000 and R2 with interface MTU 1500. It will not cause any issue?

Because the R1 sending 6 times more packet in one frame, R2 will able to receive it without any problem?