How To Calculate MTU and MSS in the Network. ?
Maximum Transmission Unit (MTU) is the largest size in bytes that can be transmitted on the Ethernet. In Ethernet the default MTU of 1500 bytes. This means that a single Ethernet frame can carry up to 1500 bytes of data. On top of this data, we add the Ethernet header of 14 bytes and add another 4 bytes if we use 802.1Q trunking..Now let’s say we are not using the trunking and our MTU is 1514 bytes.
So the total calculation would be like this given below.
- 14 bytes for the Ethernet header.
- 20 bytes for the IP header.
- 20 bytes for the TCP header.
- 1460 bytes of Payload.
The total packet and Payload size would be :
1460 (PAYLOAD) + 20 (TCP) + 20 (IP) = 1500 bytes + 14 (ETHERNET) = 1514 bytes in total.
How to calculate the Correct MSS Size .
The maximum amount of payload that TCP can use is called the TCP MSS (Maximum Segment Size). This MSS value is the largest amount of data that a host can receive in a single TCP segment.
Now let’s take an example of a diagram of my own, I have connected to the internet
through one ISP and my ISP has given me a broadband connection over PPPoE. So now
let’s see how it’s affecting my MTU over PPPoE because PPPoE adds another 8-byte header
on top of ethernet..Let’s see the payload now.
As you can see above I have a packet where the PPPoE 8byte has been added.
So the total calculation would be like this given below.
- 14 bytes for the Ethernet header.
- 8 byte for the PPPoE header.
- 20 bytes for the IP header.
- 20 bytes for the TCP header.
- 1452 bytes of Payload.
The total packet and Payload size would be :
1452 (PAYLOAD) + 20 (TCP) + 20 (IP) = 1500 bytes + 14 (ETHERNET) + 8(PPPoE)= 1514 bytes in total.
Now you can see the Total payload size is 1452 bytes. So The largest TCP segment size will be only 1452 bytes (1500 – 40(IP/TCP)-8(PPPoE) = 1452 byte).
Now Lets test it,
Note:-I should not be able to send the packet above 1452 bytes of payload. and the very
important this is that the ISP may be using the fragmentation but make sure you are using
the don’t fragment bit for testing it.in windows CMD, you can use -f option for don’t
fragment(DF bit Set) … Let’s test now..
Now let’s test the ping without fragmenting. it means we should be able to send a packet
up to 1452 bytes without any fragmentation .find the output is given below.
C:\WINDOWS\system32>ping -l 1452 -f google.com
Pinging google.com [142.250.76.206] with 1452 bytes of data:
Reply from 142.250.76.206: bytes=68 (sent 1452) time=75ms TTL=117
Reply from 142.250.76.206: bytes=68 (sent 1452) time=79ms TTL=117
Reply from 142.250.76.206: bytes=68 (sent 1452) time=67ms TTL=117
Reply from 142.250.76.206: bytes=68 (sent 1452) time=69ms TTL=117
Ping statistics for 142.250.76.206:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 67ms, Maximum = 79ms, Average = 72ms
C:\WINDOWS\system32>ping -l 1453 -f google.com
Pinging google.com [142.250.76.206] with 1453 bytes of data:
Reply from 192.168.1.1: Packet needs to be fragmented but DF set.
Packet needs to be fragmented but DF set.
Packet needs to be fragmented but DF set.
Packet needs to be fragmented but DF set.
Ping statistics for 142.250.76.206:
Packets: Sent = 4, Received = 1, Lost = 3 (75% loss),
C:\WINDOWS\system32>
According to the above output, we are able to ping up to a size of 1452 bytes but when
we are sending the packet above 1452 bytes, it’s saying that the packet needs to be
fragmented. Now let’s remove the DF bit and check.
C:\WINDOWS\system32>ping -l 1453 google.com
Pinging google.com [142.250.199.174] with 1453 bytes of data:
Reply from 142.250.199.174: bytes=68 (sent 1453) time=75ms TTL=117
Reply from 142.250.199.174: bytes=68 (sent 1453) time=88ms TTL=117
Reply from 142.250.199.174: bytes=68 (sent 1453) time=71ms TTL=117
Reply from 142.250.199.174: bytes=68 (sent 1453) time=69ms TTL=117
Ping statistics for 142.250.199.174:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 69ms, Maximum = 88ms, Average = 75ms
C:\WINDOWS\system32>
Now as you can see in the above output,I am able to ping at a packet size above 1452 bytes
because my isp router is fragmenting my packet which is above 1452byte.
Note:-Now if you are not connected to your ISP over a PPPoe and if you ping with the Don’t Fragment set(DF Bit) then a packet size of 1472 bytes should work but a packet size of 1473 bytes should not work.
But If you are using PPPoE you will find that your ping will fail with a packet size
of 1472 bytes. This is because PPPoE has its own packet header of 8 bytes. If you
subtract the PPPoE header from our previous value you will get the actual largest
ICMP packet size: 1472 – 8 = 1464 bytes.
So in PPPoE without jumbo capable, you can’t send a packet size above 1464 bytes.
Find the output details below of a non-PPPoE user where I am able to ping with the
packet size of 1472 bytes.
Find the resulting output given below.
C:\WINDOWS\system32>ping -l 1472 google.com
Pinging google.com [172.217.27.206] with 1472 bytes of data:
Reply from 172.217.27.206: bytes=68 (sent 1472) time=95ms TTL=117
Reply from 172.217.27.206: bytes=68 (sent 1472) time=103ms TTL=117
Reply from 172.217.27.206: bytes=68 (sent 1472) time=73ms TTL=117
Reply from 172.217.27.206: bytes=68 (sent 1472) time=71ms TTL=117
Ping statistics for 172.217.27.206:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 71ms, Maximum = 103ms, Average = 85ms
C:\WINDOWS\system32>ping -l 1473 google.com
Pinging google.com [172.217.27.206] with 1473 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 172.217.27.206:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
C:\WINDOWS\system32>