MTU — Trivia & Interesting Facts
Surprising, historical, and little-known facts about Maximum Transmission Unit.
The 1500-byte Ethernet MTU was chosen based on 1970s RAM prices
The original Ethernet specification (1980) chose 1500 bytes as the maximum payload because the buffer memory in network interface cards was expensive. 1500 bytes was a compromise between efficiency (larger frames waste less bandwidth on headers) and cost (larger buffers cost more). By the time RAM became cheap, the 1500-byte MTU was so deeply embedded in networking equipment and assumptions that changing it became practically impossible.
Path MTU Discovery is broken across much of the Internet
Path MTU Discovery (RFC 1191, 1990) works by sending packets with the "Don't Fragment" (DF) bit set and relying on routers to send back ICMP "Fragmentation Needed" messages when a packet is too large. In practice, many firewalls and security devices block all ICMP traffic, including these essential messages. The result is a "black hole" where large packets are silently dropped. This is one of the most common causes of mysterious connectivity issues where small transfers work but large ones fail.
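An added example, not part of the original page: a simplified audit of an iptables-save ruleset that reports which verdict an ICMP "Fragmentation Needed" (type 3, code 4) error would receive, so a blanket ICMP drop can be caught before it creates a black hole. The function name, the two rulesets and the reduced matching model (only protocol, ICMP type and conntrack state are evaluated) are assumptions made for illustration.

```python
import shlex

# Spellings of --icmp-type that cover type 3 code 4 ("fragmentation needed").
COVERS_FRAG_NEEDED = {"3/4", "fragmentation-needed", "3", "destination-unreachable"}
TERMINAL = {"ACCEPT", "DROP", "REJECT"}
UNDERSTOOD = {"-p", "-m", "--icmp-type", "--ctstate", "-j", "--reject-with"}

def frag_needed_verdict(ruleset, chain="FORWARD"):
    """Verdict an ICMP 'fragmentation needed' error for a tracked flow gets in `chain`."""
    policy = "ACCEPT"
    for line in ruleset.splitlines():
        tok = shlex.split(line, comments=True)
        if tok and tok[0] == ":" + chain:       # policy line, e.g. ":FORWARD DROP [0:0]"
            policy = tok[1]
        if tok[:2] != ["-A", chain]:
            continue
        opts = dict(zip(tok[2::2], tok[3::2]))  # option/value pairs after "-A CHAIN"
        # Assumption: rules with a non-terminal target, or with a match this sketch
        # does not model (ports, addresses, interfaces, negation), are skipped.
        if opts.get("-j") not in TERMINAL or set(opts) - UNDERSTOOD:
            continue
        if opts.get("-p", "icmp") != "icmp":
            continue
        if opts.get("--icmp-type", "3/4") not in COVERS_FRAG_NEEDED:
            continue
        # conntrack classifies ICMP errors about a tracked flow as RELATED
        if "RELATED" not in opts.get("--ctstate", "RELATED").split(","):
            continue
        return opts["-j"]                       # first matching terminal rule wins
    return policy

# Constructed rulesets in iptables-save format (not taken from a real device).
BLOCKS_ALL_ICMP = """\
*filter
:FORWARD ACCEPT [0:0]
-A FORWARD -p icmp -j DROP
-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
COMMIT
"""
ALLOWS_FRAG_NEEDED = """\
*filter
:FORWARD DROP [0:0]
-A FORWARD -p icmp -m icmp --icmp-type 3/4 -j ACCEPT
-A FORWARD -p icmp -j DROP
COMMIT
"""

if __name__ == "__main__":
    for name, rules in [("blocks all ICMP", BLOCKS_ALL_ICMP), ("allows 3/4", ALLOWS_FRAG_NEEDED)]:
        print(f"{name}: fragmentation-needed -> {frag_needed_verdict(rules)}")
```

In the first ruleset the blanket ICMP drop sits ahead of the RELATED accept, so rule order alone decides whether PMTUD can work.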
TCP MSS clamping is a hack that saved the Internet from broken PMTUD
Because Path MTU Discovery is unreliable, routers often perform "MSS clamping" — modifying the TCP Maximum Segment Size option in SYN packets to match the known path MTU. This is technically a violation of the end-to-end principle (an intermediate device is modifying transport-layer data), but it works so reliably that it's the default on virtually every PPPoE connection and VPN tunnel. The iptables -j TCPMSS --clamp-mss-to-pmtu rule is one of the most widely deployed iptables rules in existence.
Jumbo frames (9000+ bytes) have been "almost standard" for 25 years
Jumbo frames (typically 9000-9216 byte MTU) were first supported by Alteon Networks switches in 1998. Despite being supported by essentially every enterprise switch and NIC for over two decades, jumbo frames have never been standardized by the IEEE. There is no official 802.3 standard for frames larger than 1518 bytes. This means "jumbo frame" support is a gentleman's agreement between vendors, with subtle differences in maximum supported sizes.
A single mismatched MTU link can cause exactly 33% packet loss
On a path where one link has a 1500-byte MTU and the rest support 9000 bytes, only packets larger than 1500 bytes are dropped (assuming the DF bit is set). For typical traffic distributions, this often manifests as "some things work, some don't" — SSH works (small packets), SCP fails (large packets), ping works (default 64 bytes), ping -s 1472 fails. This pattern is so distinctive that experienced engineers recognize it immediately as an MTU problem.
The DF bit was optional, and IP fragmentation was supposed to just work
The original IP specification (RFC 791, 1981) treated fragmentation as a normal, expected part of IP routing — any router could fragment a packet that was too large. The DF bit was added as an optional optimization. Over time, fragmentation became increasingly problematic: it worsens performance, creates reassembly vulnerabilities, and interacts badly with NAT and stateful firewalls. IPv6 removed router-side fragmentation entirely — only the sending host can fragment.
VXLAN, GRE, and IPsec all reduce your effective MTU silently
Encapsulation protocols add headers that eat into the available payload. VXLAN adds 50 bytes, GRE adds 24-28 bytes, and IPsec in tunnel mode adds 50-70+ bytes depending on the cipher. If the outer MTU is 1500, the inner payload is reduced accordingly. This means an application sending 1500-byte packets over a VPN tunnel will either trigger fragmentation or black-hole — and the application has no visibility into why.
Baby jumbo frames (1600-2000 bytes) exist for MPLS and provider networks
Service provider networks often use slightly enlarged MTUs (sometimes called "baby jumbo") to accommodate MPLS label stacks. Each MPLS label adds 4 bytes, and a typical provider path might have 2-3 labels. An MTU of 1600 bytes on the provider backbone allows customer traffic with a 1500-byte MTU to traverse the network without fragmentation. This is why ISPs often set backbone interface MTUs to specific values like 1552 or 1600.
MTU mismatch detection is not built into any standard protocol
No standard IP or Ethernet protocol proactively warns you about MTU mismatches on a link. OSPF will detect it (two routers won't form an adjacency if MTUs differ), but only because RFC 2328 requires MTU matching during database description exchange. BGP doesn't check MTU at all. Most MTU problems are discovered only when traffic fails — and even then, the symptoms often look like an application bug, not a network issue.