Home

How to determine the proper MTU size with ICMP pings

2009, May 17 - 15:16 — müzso
There's a nice intro on the topic in one of the Linksys knowledgebase articles. I copy the info here so it won't vanish once their knowledgebase goes offline. The original article used the Windows ping command in its examples, but I've added linux and Mac specific examples too.

To find the proper MTU size, you'll have to do a special ping of the destination you're trying to go to. This could be a local machine (a router, gateway, etc.) or a distant server on the internet (eg. example.com).

In case of a Windows machine the ping command should be formatted like:
ping [-f] [-l <packet size>] [host]

An example test-run would be:
ping -f -l 1472 example.com
(result = "Packet needs to be fragmented but DF set.")
ping -f -l 1462 example.com
(result = "Request timed out.")
ping -f -l 1452 example.com
(result = reply)

The options used are:
  • -f: set "Don't Fragment" flag in packet
  • -l size: send buffer size
In case of Linux, the command line should be:
ping [-M do] [-s <packet size>] [host]

An example test-run would be:
ping -M do -s 1472 example.com
(result = "Frag needed and DF set")
ping -M do -s 1462 example.com
(result = "Frag needed and DF set")
ping -M do -s 1452 example.com
(result = reply)

The options used are:
  • -M <hint>: Select Path MTU Discovery strategy. <hint> may be either "do" (prohibit fragmentation, even local one), "want" (do PMTU discovery, fragment locally when packet size is large), or "dont" (do not set DF flag).
  • -s packetsize: Specifies the number of data bytes to be sent. The default is 56, which translates into 64 ICMP data bytes when combined with the 8 bytes of ICMP header data.
In case of Mac (Leopard), the command should be:
ping [-D] [-s <packet size>] [host]

An example test-run would be:
ping -D -s 1472 example.com
(result = "sendto: Message too long")
ping -D -s 1462 example.com
(result = "frag needed and DF set")
ping -D -s 1452 example.com
(result = reply)

The options used are:
  • -D: set the "Don't Fragment" bit
  • -s packetsize: Specify the number of data bytes to be sent. The default is 56, which translates into 64 ICMP data bytes when combined with the 8 bytes of ICMP header data.
You should always start at 1472 and work your way down by 10 each time. Once you get a reply, go up by 2 until you get a fragmented packet. Take that value and add 28 to the value to account for the various TCP/IP headers. Eg. let's say that 1452 was the proper packet size (where you first got an ICMP reply to your ping). The actual MTU size would be 1480, which is the optimum for the network we're working with.

You can read more about MTU in the respective Wikipedia article.

Syndicate content