MTU

William Herrin bill at herrin.us
Fri Jul 22 13:57:52 UTC 2016


On Fri, Jul 22, 2016 at 8:01 AM, Baldur Norddahl
<baldur.norddahl at gmail.com> wrote:
> What is best practice regarding choosing MTU on transit links?

Hi Baldur,

On a link containing only routers, you can safely increase the MTU to
any mutually agreed value with these caveats:

1. Not all equipment behaves well with large packets. It's supposed to
but you know what they say.

2. No protocol guarantees that every device on the link has the same
MTU. It's a manual configuration task on each device and if the
maximum receive unit on any device should happen to be less than the
maximum transmit unit on any other, you will be intermittently
screwed.

This includes virtual links like the GRE tunnel. If you can guarantee
the GRE tunnel travels a 9k path, you can set a slightly smaller MTU
on the tunnel itself.


MTU should never be increased above 1500 on a link containing
workstations and servers unless you know for certain that packets
emitted on that link will never traverse the public Internet. Path MTU
discovery on the Internet is broken. It was a poor design - broke the
end to end principle - and over the years we've misimplemented it so
badly that it has no serious production level of reliability.

Where practical, it's actually a good idea to detune your servers to a
1460 or lower packet size in order to avoid problems transiting those
parts of the Internet which have allowed themselves to fall beneath a
1500 byte MTU. This is often accomplished by asking the firewall to
adjust the TCP MSS value in flight.

Regards,
Bill Herrin



-- 
William Herrin ................ herrin at dirtside.com  bill at herrin.us
Owner, Dirtside Systems ......... Web: <http://www.dirtside.com/>
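
An added illustration, not part of the message above or of any firewall's code: what adjusting the TCP MSS value in flight involves for one packet. Only a SYN's MSS option is lowered, never raised, and the TCP checksum is patched incrementally. The names `clamp_mss` and `sample_syn`, the documentation addresses and the sample option bytes are constructed for this sketch.

```python
import struct

def fold(s):
    """Fold carries back in: one's-complement 16-bit addition."""
    while s >> 16:
        s = (s & 0xFFFF) + (s >> 16)
    return s

def inet_csum(data):
    """Internet checksum (RFC 1071) over data, zero-padded to even length."""
    data = bytes(data) + b"\x00" * (len(data) % 2)
    return ~fold(sum(struct.unpack("!%dH" % (len(data) // 2), data))) & 0xFFFF

def clamp_mss(segment, max_mss):
    """Lower the MSS option of a TCP SYN to max_mss; never raise it."""
    seg = bytearray(segment)
    hdr_len = (seg[12] >> 4) * 4 if len(seg) >= 20 else 0
    if not 20 <= hdr_len <= len(seg) or not seg[13] & 0x02:
        return segment                      # truncated, or not a SYN
    i = 20
    while i + 1 < hdr_len and seg[i] != 0:  # kind 0 ends the option list
        if seg[i] == 1:                     # kind 1 = NOP, a single byte
            i += 1
            continue
        length = seg[i + 1]
        if length < 2 or i + length > hdr_len:
            break                           # malformed: leave untouched
        if seg[i] == 2 and length == 4:     # kind 2 = MSS
            old = struct.unpack_from("!H", seg, i + 2)[0]
            if old > max_mss:
                struct.pack_into("!H", seg, i + 2, max_mss)
                m, m_new = old, max_mss
                if i % 2:                   # value straddles two sum words
                    m = (m >> 8) | (m & 0xFF) << 8
                    m_new = (m_new >> 8) | (m_new & 0xFF) << 8
                hc = struct.unpack_from("!H", seg, 16)[0] ^ 0xFFFF
                hc = fold(hc + (m ^ 0xFFFF) + m_new)  # RFC 1624 eqn. 3
                struct.pack_into("!H", seg, 16, hc ^ 0xFFFF)
            break
        i += length
    return bytes(seg)

def sample_syn(opts=struct.pack("!BBH", 2, 4, 1460)):
    """Constructed SYN between documentation addresses; returns (pseudo, tcp)."""
    tcp = struct.pack("!HHIIBBHHH", 40000, 443, 1, 0,
                      (20 + len(opts)) // 4 << 4, 0x02, 65535, 0, 0) + opts
    pseudo = (bytes([192, 0, 2, 1]) + bytes([198, 51, 100, 7])
              + struct.pack("!BBH", 0, 6, len(tcp)))
    csum = inet_csum(pseudo + tcp)
    return pseudo, tcp[:16] + struct.pack("!H", csum) + tcp[18:]
```

Calling `clamp_mss(tcp, 1420)` on the sample rewrites the advertised 1460 to 1420, which is a 1460-byte IPv4 packet less 40 bytes of fixed IP and TCP header.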


