Maximum transmission unit (MTU) is the maximum size of each packet that can be transmitted without being fragmented over a network that runs a specific network protocol. In network transmission, when large packets are inefficiently transmitted or frequently fragmented or reassembled, you may change the MTU to ensure that packets pass through routers and data link layers in a more efficient manner and prevent data loss. This improves transmission speed and stability.
MTU classification
MTUs are classified into the following types based on the TCP/IP layer and scenario:
MTU at the data link layer
The maximum size of the data payload that can be transmitted at the data link layer. In Ethernet networks, the standard MTU is 1,500 bytes, excluding the Ethernet frame header. The size of a standard Ethernet frame is calculated by using the following formula: Size of a standard Ethernet frame (1,518 bytes) = Size of the destination MAC address (6 bytes) + Size of the source MAC address (6 bytes) + Size of the EtherTyp/Length field (2 bytes) + Data payload size (1,500 bytes) + Cyclic redundancy check (CRC) size (4 bytes).
IP MTU
The size of the largest packet that can be transmitted at the network layer, which includes the IP header size and payload size but excludes the Ethernet frame header and trailer. In most cases, the MTU in Alibaba Cloud refers to the IP MTU.
IP MTU (1,500 bytes) = IP header size (at least 20 bytes) + TCP header size (at least 20 bytes) + Data payload size (1,460 bytes). The sizes of the IP header and TCP header may vary based on options.
MTU of jumbo frames
Specific vendors introduced the jumbo frame concept, which increases the size of a standard Ethernet frame to approximately 9,000 bytes. A jumbo frame includes a Layer 2 Ethernet header and a CRC field, whereas the IP MTU does not include the Layer 2 Ethernet header and CRC field. Jumbo frames can help reduce the number of packets to be transmitted and improve network efficiency. Alibaba Cloud supports jumbo frames each of up to 8,500 bytes. For more information, see Jumbo Frames.
Path MTU
Path MTU (PMTU) is the maximum size of a packet that can be transmitted without being fragmented on a path between two network nodes. The path between the source node and destination node covers all network devices, such as routers and switches, and links, such as communication links.
You can use the Path MTU Discovery (PMTUD) feature to dynamically probe the minimum MTU among all links between two hosts in a network to prevent unexpected packet fragmentation. For more information, see PMTUD.
Factors that determine the MTU value
The following factors determine the MTU value:
Network device: The hardware capabilities of different network devices, such as routers and switches, determine the maximum MTU values on the network devices. If a device in the network has a smaller MTU than other devices, the smaller MTU takes effect to limit the packet size for network communication.
Network connection type: Different types of network connections, such as Ethernet and wireless networks, have different MTU requirements. For example, a wireless network uses a small MTU, because wireless signals may be unstable and a large MTU may cause packet loss and data retransmission.
Transmission medium: Different types of network media, such as twisted pairs, optical fibers, and wireless media, may have different MTU restrictions.
Network protocol: Different network protocols may have different MTU requirements. For example, an Ethernet network uses a standard MTU of 1,500 bytes.
Application requirements: Specific applications may have special MTU requirements, which indirectly affect the MTU of the overall network.
MTU impacts on network performance
Correct MTU settings are significant to the performance and efficiency of your network communication. MTU settings have the following impacts on network performance:
Fragmentation and reassembly
Fragmentation: When a packet is transmitted from one network to another with a different MTU, the packet is split into fragments if the size of the original packet exceeds the MTU of the destination network. Reassembly: After the fragments reach the destination host, they are reassembled into a packet. The fragmentation and reassembly process may increase network latency, reduce transmission efficiency, and increase the processing load on network devices because the process requires additional computing resources.
Reduced transmission efficiency
The additional overhead caused by fragmentation and reassembly may result in a decrease in the overall network transmission rate when packets pass through a link with a small MTU. Fragmentation may also cause performance issues for specific protocols or applications. For example, the TCP retransmission mechanism may be unexpectedly triggered due to fragment loss, which consequently reduces transmission efficiency.
Network congestion
If you specify an excessively small MTU, data is split into large numbers of fragments, which increases the risk of network congestion. A large MTU can help reduce the number of packets to be sent, reduce network congestion, and improve network throughput.
To optimize network performance, we recommend that you specify the same MTU for all links in the transmission path and set the MTU to the largest possible value that does not exceed the minimum PMTU on the path. This reduces the need for fragmentation and reassembly and improves transmission efficiency. For specific application scenarios, such as video conferencing, large file transfers, and other bandwidth-intensive tasks, you can change the MTU value to improve transmission efficiency and quality.
View the MTUs of NICs on an ECS instance
The MTU defines the maximum number of bytes of data that a network interface controller (NIC) can transfer at one time. The default MTU is set to 1,500 bytes on the NICs of all Elastic Compute Service (ECS) instances whose network interfaces support standard Ethernet encapsulation and data transmission. If your ECS instance supports the Jumbo Frames feature, an MTU of 8,500 bytes can be used. You can connect to an instance and run an operating system command to view the MTUs of NICs on the instance.
View the MTUs of NICs on a Windows instance
Sample operating system: Windows Server 2022.
Sample instance family: ecs.g8i.large.
Connect to a Windows ECS instance.
For more information, see Connect to a Windows instance by using a password or key.
Open Command Prompt or Windows PowerShell.
Run the following command to view the MTUs of NICs on the instance:
netsh interface ipv4 show subinterfacesBefore the Jumbo Frames feature is enabled
The following command output indicates that the MTUs of the primary elastic network interface (ENI) named Ethernet and the secondary ENI named Ethernet 2 are 1,500 bytes, which is the default MTU value.
After the Jumbo Frames feature is enabled
The following command output indicates that the MTUs of the primary ENI named Ethernet and the secondary ENI named Ethernet 2 become 8,500 bytes.
View the MTUs of NICs on a Linux instance
Sample operating system: Alibaba Cloud Linux 3.2.
Sample instance family: ecs.g8i.large.
Connect to a Linux ECS instance.
For more information, see Connect to a Linux instance by using a password or a key.
Run the following command to view the MTU values of NICs on the instance:
ip aBefore the Jumbo Frames feature is enabled
The following command output indicates that the MTUs of the primary ENI named eth0 and the secondary ENI named eth1 are 1,500 bytes, which is the default MTU value.
After the Jumbo Frames feature is enabled
The following command output indicates that the MTUs of the primary ENI named eth0 and the secondary ENI named eth1 become 8,500 bytes.
Run the ping command to probe the PMTU
You can run the ping command to probe the PMTU. Use the following method.
The PMTU probe tests may affect network communication. We recommend that you perform the tests during off-peak hours.
Test method: Send a packet with the Don't Fragment (DF) flag set to 1 and gradually increase the sizes of packets to be sent until you receive the "Fragmentation Needed and Don't Fragment was Set" ICMP error message. The message indicates that the previous MTU value is equal to the PMTU minus the IP header size (20 bytes) and the ICMP header size (8 bytes).
Test command: Run the following command to probe the PMTU of network links:
ping -c 1 -M do -s <Packet size> <Destination IP address>Take note of the following parameters:
-c 1: specifies that only one packet is sent.
-M do: specifies that the DF field is set to 1.
-s <Packet size>: specifies the size of the ICMP protocol data unit (PDU). The initial size can start from a common value, such as 1472.
NoteIn the ping operation, the ICMP header size is 8 bytes and the IP header size is 20 bytes. The size of an ICMP IP data packet is calculated by using the following formula: Size of an ICMP IP data packet = IP header size + ICMP header size + ICMP PDU size = 20 bytes + 8 bytes + 1,472 bytes = 1,500 bytes.
Sample probe test:
The following sample MTU settings for hosts at both ends of a path are used:
The source host (FROM) has an IP address of 172.17.0.127. To facilitate testing and comparison, The ECS Jumbo Frames feature is enabled and the MTU is set to 8,500 bytes. For information about how to enable the Jumbo Frames feature, see the Enable or disable the Jumbo Frames feature section of the "Jumbo Frames" topic.
The destination host (TO) has an IP address of 172.17.0.128 and the MTU is set to 1,500 bytes.
Perform a test. Run the following command to send an 8472-byte packet, which excludes IP and ICMP header sizes:
ping -c 1 -M do -s 8472 172.17.0.128Query the test result. The "Frag needed and DF set(mtu=1500)" ICMP error message appears, which indicates that the packet exceeds the MTU of 1,500 bytes and needs to be fragmented. However, the packet cannot be fragmented by a forwarding device on the network path because the DF flag is set to 1. As a result, the packet is dropped.
Change the MTU of a NIC
In Alibaba Cloud, specific scenarios or network devices, such as Virtual Private Network (VPN) gateways and traffic mirroring, have strict requirements on the sizes of packets that are sent from ECS instances. To ensure network connectivity or improve user experience, you must reduce the maximum size of packets that ECS instances can forward. You can perform the following operations to change the MTU values of NICs on ECS instances to meet the packet size requirements of the preceding scenarios or network devices.
Before you change the MTUs, make sure that you understand the impacts of MTU changes on network performance. Inappropriate MTUs may cause specific types of packets to be fragmented, which reduces network efficiency.
The MTU of a Linux operating system can be automatically obtained from the DHCP server. If DHCP is enabled or you are not in a tunneling scenario such as a VPN gateway scenario, you do not need to manually change the MTU of a NIC.
In specific scenarios such as when jumbo frames are used, refer to relevant best practices to resolve the issue, instead of manually changing the MTU. For information about how to enable the Jumbo Frames feature, see the Enable or disable the Jumbo Frames feature section of the "Jumbo Frames" topic.
When you change the MTU value of a NIC on an ECS instance, make sure that the new MTU value does not exceed the maximum MTU supported by the instance. If the new MTU value of the NIC exceeds the MTU limit, the instance may experience network connectivity issues. The maximum MTU supported by the instance is 8,500 bytes when the Jumbo Frames feature is enabled, or 1,500 bytes when the Jumbo Frames feature is disabled or not supported.
In the following examples, the MTU values of NICs are changed to 1,399 bytes on ECS instances that run different operating systems.
Windows instance
Sample operating system: Windows Server 2022.
Connect to a Windows ECS instance.
For more information, see Connect to a Windows instance by using a password or key.
Open Command Prompt or Windows PowerShell.
Run the following command to view the MTUs of Ethernet NICs:
netsh interface ipv4 show subinterfacesThe following command output indicates that the MTUs of the Ethernet NICs are 1,500 bytes.
Run the following command to view the details of parameters in the netsh interface ipv4 show subinterfaces command:
netsh interface ipv4 show subinterfaces ?The following command output describes the parameters.
Run the following command to set the MTU of the NIC named Ethernet to 1,399 bytes and configure the MTU setting to permanently take effect:
netsh interface ipv4 set subinterface Ethernet mtu=1399 store=persistentIf OK is returned, the MTU is changed and the change takes effect. If an error message is returned, resolve the error as prompted.
Query the MTU of the NIC named Ethernet. The following command output indicates that the new MTU takes effect as expected.
Run the following command to view the details of parameters in the netsh interface ipv4 set subinterface command:
netsh interface ipv4 set subinterface ?The following command output describes the parameters.
Linux instance
Sample operating system: Alibaba Cloud Linux 3.2.
Temporarily change the MTU value of a NIC by running the ip command
This method is used to temporarily change the MTU value of a NIC on an instance. If you restart the network service or the instance, the new MTU becomes invalid.
Connect to a Linux ECS instance.
For more information, see Connect to a Linux instance by using a password or a key.
Run the following command to view the MTUs of NICs on the instance:
ip aThe following command output indicates that the MTUs of the primary NIC named eth0 and the secondary ENI named eth1 of the current instance are 1,500 bytes.
Run the following command to temporarily change the MTU of the eth1 NIC to 1,399 bytes:
sudo ip link set dev eth1 mtu 1399Query NIC information. The following command output indicates that the MTU of the eth1 NIC is changed to 1,399 bytes.
Modify the network configuration file of a NIC to permanently change the MTU
You can change the MTU value of a NIC by modifying the network configuration file of the NIC. Then you must restart the network interface service or the instance to allow the change to permanently take effect.
The network configuration file varies based on the Linux distribution and version. In the following example, the Alibaba Cloud Linux 3.2 image compatible with Red Hat Enterprise Linux (RHEL) or CentOS is used.
Before you change the MTU of the secondary ENI named eth1, make sure that you bind the secondary ENI to the instance and correctly configure the secondary ENI. For more information, see Configure a secondary ENI.
Connect to a Linux ECS instance.
For more information, see Connect to a Linux instance by using a password or a key.
Run the following command to view the MTUs of NICs on the instance:
ip aThe command output indicates that the MTUs of the primary NIC named eth0 and the secondary ENI named eth1 of the current instance are 1,500 bytes.
Run the following command to view the configuration files of the NICs:
ls /etc/sysconfig/network-scriptsThe following command output indicates the configuration files of eth0 and eth1.
Run the following command to disable the network configuration feature of cloud-init:
sudo vim /etc/cloud/cloud.cfg.d/99-disable-network-config.cfgAdd the following configuration to the configuration files:
network: {config: disabled}Run the following command to modify the network configuration file of eth1 and add the MTU setting:
sudo vi /etc/sysconfig/network-scripts/ifcfg-eth1
Run the following command to restart the network service to allow the new configuration to take effect:
sudo systemctl restart NetworkManagerQuery the NIC information. The following command output indicates that the MTU of eth1 becomes 1,399 bytes.
MTU limits
MTU limits of ECS network paths
When an ECS instance that supports jumbo frames is used as a source host, the maximum MTU supported by the destination host varies based on the use scenario. The following table describes the maximum MTUs of network paths.
Destination host | Maximum MTU (Bytes) |
ECS instance that has the Jumbo Frames feature enabled and resides in the same virtual private cloud (VPC) or a peered VPC | 8,500 |
ECS instance that has the Jumbo Frames feature disabled and resides in the same VPC or a peered VPC | 1,500 |
ECS instance in a VPC that is connected by using Cloud Enterprise Network (CEN) | |
Host in an on-premises data center that is connected by using Connect Express | |
External host that can be accessed by using an elastic IP address or a public IP address |
For more information, see Overview of VPC peering connections and Manage VPC connections.
MTU limits of cloud network services
Take note of the MTU limits of network services in the following scenarios:
By default, paths within Alibaba Cloud networks support the default MTU of 1,500 bytes. For ECS instances that do not support jumbo frames, the MTU in effect is also determined by the MTUs of associated network services such as VPN Gateway.
When you access specific network services over non-TCP protocols, such as UDP and ICMP, take note of the MTU limits of the network services.
Most Alibaba Cloud services do not support jumbo frames. The following table describes the maximum MTUs supported by specific network services.
Cloud network service | Maximum MTU (Bytes) | Description |
NAT Gateway | 1,500 | None. |
Server Load Balancer (SLB), including Application Load Balancer (ALB), Network Load Balancer (NLB), and Classic Load Balancer (CLB) | ALB instances and CLB instances cannot forward fragmented packets. Set the size limit of each packet that is sent from ECS instances to 1,500 bytes for UDP or ICMP communication. | |
Other Alibaba Cloud services, such as Object Storage Service (OSS) and ApsaraDB RDS | Traffic passes through SLB services. Take note of the limits on the SLB services. | |
Global Accelerator (GA) | None. | |
Cloud Firewall | None. | |
PrivateLink | None. | |
VPN Gateway | 1,399 | For more information, see Configure MTUs. |
Appropriately specify MTU
You can optimize MTU settings to improve network efficiency and performance and reduce the need to fragment and reassemble packets, which helps reduce network latency and improve network throughput. Take note of the following best practices for MTU settings:
Determine a reasonable MTU:
Understand the standard MTU values for the actual network environment. The default Ethernet MTU is 1,500 bytes. For more information, see the MTU classification section of this topic.
The PMTU can be probed by running the ping command. For more information, see the Run the ping command to probe the PMTU section of this topic.
Enable and adapt to PMTUD. Make sure that the operating system or network device supports PMTUD and PMTUD is enabled. You can use the PMTUD feature to dynamically probe and adapt to the maximum MTU on network paths. Applications detect and respond to ICMP error messages by reducing the size of packets to prevent fragmentation.
Take note of network device restrictions. Make sure that the MTU settings of routers, switches, and other network devices are consistent with the MTU settings of the operating system of the instance to prevent data packets in transit from being fragmented or discarded.
Adapt to specific applications. Specific applications or protocols provide recommended MTU values. Real-time applications, such as VoIP and video conferencing, may use a small MTU to reduce latency and improve packet transmission efficiency.
Regularly monitor network performance. Monitor changes in network performance and the MTU value on a regular basis to adapt to changing network conditions by conducting tests, including but not limited to network throughput testing, latency testing, and evaluation of application-specific performance.