Ping MTU – Find a Path’s MTU using PING Command

In some cases, higher-layer protocols may create large-size packets that not all network paths can support, such as in the case of the jumbo frames. These large packets (or frames) exceed the conventional Ethernet 1500 bytes of MTU (Maximum Transmission Unit).

So, the routers along the path with a default Ethernet MTU in their interfaces will fragment any of these large-size packets that threaten to hurt their performance. An improperly configured MTU can lead to failed transfers and intermittent connectivity.

But what is more daunting is that troubleshooting these kinds of problems can be really challenging. Fortunately, we can do advanced troubleshooting and find the path MTU with the precious simple networking tool — The Ping Command.

What is MTU?

The greatest data packet size that an Internet-connected device may handle is measured in bytes as the maximum transmission unit (MTU). Think of it as being similar to a height restriction for motorway underpasses or tunnels: Vehicles that exceed the height restriction are not allowed to pass, just as packets that exceed the MTU of a network are not allowed to flow across that network.

Contrary to vehicles and trucks, data packets that are larger than the MTU are divided into smaller bits in order to fit through, also known as Fragmentation. Upon arrival, disassembled parcels are put back together.

Before we proceed further, it is important to know that the performance is negatively impacted by fragmentation since it increases delay and adds additional data. For optimal performance, the MTU of the original transmitting device should be set as large as it can be while still being less than the MTU of every other device in the network between the sender and final recipient. In reality, a transmitting device will only be aware of the MTU of the device after it is in the chain of communication.

Usually, MTU parameters are associated with a network device interface, such as a NIC or serial port. While network protocols like Ethernet have a set MTU size, links like point-to-point networks often decide MTU during the connecting period.

Path MTU Discovery and its limitations

As the name suggests, Path MTU Discovery (PMTUD) is the process of determining the MTU on the network path between two nodes, which is usually done with the purpose of preventing IP fragmentation. When PMTUD is enabled, a computer attempting to send packets to a router must determine the MTU specifications of the router and modify the packet size appropriately to prevent fragmentation. For networks using IPv4 or IPv6, PMTUD functions a little bit differently.

In order for IPv4 Path MTU Discovery to function, the “Don't Fragment (DF)” flag bit must be set in the IP headers of outgoing packets. After that, any device along the path whose MTU is a bit smaller than the packet will drop it and reply with the message “Packet must be fragmented” in ICMP. The source host is then able to suitably lower its Path MTU. The procedure is carried out once more until the MTU is minimal enough to travel the full path without fragmentation.

However, there is no “Don't Fragment” option for IPv6 because it does not permit fragmentation. Since IPv6 routers do not fragment packets, if a packet's MTU is exceeded, the router drops the packet and sends back the corresponding ICMP message without first looking for the “Don't Fragment” signal. The source host can now appropriately lower its Path MTU thanks to this. The procedure is carried out again until the MTU is small enough to transit the whole path without fragmentation.

Usually, the PMTUD functions as stated above, but there are cases in which it fails. The Internet Engineering Task Force (IETF) claims that the following factors may have contributed to the failure:

• Malicious attacks ICMP messages can be easily falsified and are not validated by the receiver, making PMTUD vulnerable to malicious attacks. As a result of such attacks, PMTUD may generate excessively pessimistic PMTU estimates.
• Blocked ICMP transmissions For PMTUD to work, ICMP messages must be delivered to the source node through the network. In fact, for security purposes, most network security devices block ICMP messages. Thus, in the case, if the source node can't receive ICMP messages from the network, PMTUD fails.

The ability of network devices to agree on and communicate the Maximum Segment Size of the packets they are able to receive is a frequent workaround used in certain routers. Maximum Segment Size (MSS) is the largest data payload that a device accepts from a network connection and this whole process is termed as MSS clamping.

Another method you can rely on to ascertain the path MTU without necessarily relying on Path MTU Discovery is using the Ping Command. It helps find out the MTU of a network path. Using the ‘Ping' command, you can send packets with the “Don't Fragment” bit turned on (only for IPv4 networks).

How Does Path MTU Discovery Work?

The default Ethernet II MTU size is 1500 bytes, which is the largest size allowed in most of the Internet.

Although this value is known to be suitable for most environments, it is sometimes adjusted to a higher or lower value.

Adjusting MTU values can help match and improve the capacity of the network.

Larger MTU values can lead to lower network overhead, while a smaller MTU can help decrease the network delay.

How do routers discover MTU in a path?

Modern routers and endpoints use a process known as Path MTU Discovery (PMTUD) to find the path MTU, which is smaller than its interface MTU.

The goal of this process is to find the MTU size of a path while avoiding IP fragmentation.

The PMTUD works by setting the “Don’t Fragment (DF)” flag bit ON, within the IP packet header.

Routers along the path will receive these incoming packets and compare them with their MTU.

If the router interface’s MTU is smaller than the packet’s, and the packet contains the “Don’t Fragment” flag bit on, then the router will be forced to drop the packet and send back an ICMP Fragmentation Needed error message.

Knowing that the path MTU is too large, the source can adjust its packet’s MTU accordingly.

The process is repeated until the MTU has the right size to go through the entire path without fragmentation.

Simulating the Path MTU Discovery Process

You can simulate the Path MTU Discovery process using the ICMP Ping command with additional flags.

Perform a Ping to the target destination address. It can be the local gateway, a server, or a remote IP address.

To do this, we will be using the following additional Ping Flags:

• -f: Set Don't Fragment flag in packet (IPv4-only).
• -l size: Send buffer size.

Start by adjusting the TCP send buffer (size) with the “-l” flag. In the following Windows OS screenshot, you can see that we are sending an ICMP packet of 2000 bytes in size to the public IP 1.1.1.1

The Ethernet packet with a size of 2000 bytes is generally larger than most MTU in typical networks.

The packet is successfully going through the path and reaching its destination because it is being fragmented by the routers along the path.

Now, let’s see what happens when we set the “Don't Fragment” flag, with the following command:

Windows:

ping (destination IP) (-f) (-l (packet size))

When a packet is too large for a path MTU, a router would usually fragment it into pieces for a safer delivery.

But, as you can see from the screenshot above, now the destination returns a “Packet needs to be fragmented but DF set”.

Since we are choosing not to fragment packets, all the routers along the path will see no choice than to drop the packet.

For other Operating Systems:

Linux Ping Command:

ping (-M do) (-s (packet size)) (destination)

 

macOS Ping Command:

ping (-D) (-s (packet size)) (destination)

How to Find the Path’s MTU with Ping?

Now, to find the path MTU with a Ping command, you would need to repeat the process shown before and adjust the packet size every time.

You will ultimately find the path MTU by trial and error.

In the previous ping test, we used the 2000 bytes as the packet size.

You would probably want to start with a number around 1800-2000 bytes and move down every couple of 100 bytes until you get a successful ping reply.

As you can see in the following screenshot, we started with 1800, tested with 1500, until 1400 finally gave a successful reply.

That means the path MTU between our source and destination is somewhere between 1400 and 1500 bytes.

The next step would be to move the size up between 10-50 bytes until you get another successful reply.

We tested with 1450 bytes and got a reply, which means our value is above that.

Repeating this process led us to find the value, which is 1452 bytes.

The routers along the path were still fragmenting 1453 bytes (but not 1452). They considered 1453 to be too large to traverse the path.

But 1452 was the first proper packet size that returned a successful ICMP reply. My MTU value 1452 is common in Ethernet II.

But one more thing…

We have to take into account the size of the TCP/IP header, which can range between 20-60 bytes. The header size varies according to the transmission media.

According to a chart from Wikipedia.

My Point-to-Point Protocol over Ethernet (PPPoE) header takes up 8 bytes in size, while the IPv6 header accounts for 40 bytes in size. So, the size of my TCP/IP header is 48 bytes (40+8).

Let’s take the packet size that gave us the ping reply (1452 bytes) and add it to the header size (48 bytes).

That leads us to the real MTU size, which is 1500 bytes, the common Ethernet MTU.

1452 is the data payload size or Maximum Segment Size (MSS), that results from the 1500 MTU.

Ping MTU FAQs

Related Post: How to Scan a Network for IP Addresses