mtu mis-match

Justin M. Streiner streiner at cluebyfour.org
Wed Mar 19 19:38:09 UTC 2008


On Wed, 19 Mar 2008, ann kok wrote:

> I have this problem about mtu mismatch
>
> Some DSL clients, some are working fine.
> (browsing...ping ...)
>
> Some DSL clients have this problem
> they can't browse the sites.
> they can ssh the host but couldn't run the command in
> the shell prompt
> ping packet are working fine (no packet lost)
>
> Why?
> but I still don't know why mtu can cause this problem

Are you using PPPoE to transport and manage your DSL users, or are they 
bridged?

Ping packets, unless you specifically use a larger packet size, are 
usually pretty small.  Try running ping tests with a larger packet size, 
say, 1495 bytes, and see if those fail.

HTTP, SSH, etc, can easily (and often do) generate packets up to the 
maximum segment size.  That's why MTU mismatches can seem to affect some 
types of traffic but not others.

The 'lowest common denominator' for MTUs is often 1500 bytes, but 
protocols that need to wrap or tunnel existing packets (GRE, PPPoE, IPSEC, 
etc) impose some overhead of their own.  Unless the MTU or TCP maximum 
segment size of the original traffic is reduced a bit, the tunneled 
packets will need to be fragmented for transport across the network.  This 
can lead to performance problems like the ones you're seeing.  The magic 
number for an MTU on PPPoE DSL is 1492 bytes, based on past DSL 
aggregation work I've done.

jms



More information about the NANOG mailing list