Evil TTL - Network Solutions
Evil TTL   >   MTU on Cisco Routers

Evil_TTL> show | s

MTU on Cisco Routers

Category:Cisco Systems -> Routing and Switching

Speaking about MTUs on routers it has to be emphasized that changing L2 MTU on an interface is not supported. If you try to change L2 MTU on an interface, you will possibly see the following message:

r1(config-if)#mtu 1500
% Interface FastEthernet0/0 does not support user settable mtu

The same refers to switch interface cards.

To check L3 MTU on an interface issue sh ip int {if-number}. To check L2 MTU issue sh int {if-number} command. Logically speaking, L3 MTU setting can’t be greater than L2 MTU setting. These numbers don’t take headers and trailers into account, so the actual MTU would be a little higher than the ones that are set in IOS.

While talking about MTU on Cisco routers many people always argue about the differences between setting ip mtu and ip tcp adjust-mss values on a routed interface.

Let’s take the following topology for our experiments:

MTU-on-Cisco-Routers-10.jpg

According to the diagram (actually it was a real situation) the host has some difficulties accessing web-sites. Some web-sites do open in the browser and some do not. The issue is in MTU. And there are two ways to solve the issue.

The Bad Way

The weakest solution is to set ip mtu and ip tcp adjust-mss on fa0/0.13 of the router.

ip mtu works only in the output direction. The router will fragment packets to a maximum size of 1496 byte coming out of the interface. It will fragment transit packets on the way from the outside network to the host. It produces high load on the CPU of the router.

ip tcp adjust-mss works in both directions and affects inbound and outbound transit packets. This option will make the router to tell the host about the preferred L4 payload size inside the transit packets during TCP handshake stage between the host and, for example, a web-server somewhere in the Internet. TCP has MSS field in its header which is agreed upon before transmitting actual data. So we can make the host and the remote server to establish session and start exchanging data at our desired maximum MSS payload. Take into consideration that IP and TCP headers would be added to this MSS payload, so make MSS value smaller than that of IP MTU one and you’ll be fine. The lab presented here was tested with the following values:

int fa0/0.13
ip mtu 1400
ip tcp adjust-mss 1300 

But if we do some calculations and predict possible changes and additions to IP and TCP headers by different applications and take some reserve we could optimize these values to the following:

ip mtu 1496
ip tcp adjust-mss 1440 

To calculate the exact number for MSS use the following articles by E.Garcia:

  1. File:mtu mss tutorial.pdf
  2. File:ip packet fragmentation 1.pdf

Try also this one. It explains very well the differences between ip mtu and ip tcp adjust-mss: File:MTU.zip

The Good Way

The best solution is to do something with the in-between switch, e.g. raise its system MTU up to 1504 or replace it to avoid either fragmenting packets or adjusting MSS payload using the router’s CPU resources.

By privilege15