• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Router MTU

Status
Not open for further replies.
L

llee

Golden Member
Why is it that configuring a router's MTU settings from automatic 1500 to a manual setting that's lower e.g. 1400 will solve VPN issues, connectivity problems, etc. Does the packet size really matter that much?
 
You will get much better answers in the networking forum as this isn't really all that highly technical.

The root of the problem you are describing is that a VPN will encapsulate your data packet so it can provide it's own security measures. When you do that you have to increase your packet size to accommodate the new header information.

Anytime you try to send a packet that is larger than your MTU you have to break it up into multiple frames so that it can be passed along the network. So if you force your packets to have a frame size much lower than 1500 then when the VPN encapsulates the packet you are still below 1500 and can send the packet along unharmed.

Why is breaking packets up bad? It causes excessive CPU/Memory usage and in the case of a VPN the overhead increases as well. If a packet has to be split up so it can fit inside the MTU size you are having to duplicate the IP headers/VPN headers which creates extra data to send, so you lower the amount of actual data you can send because you have more overhead.
 
Crusty said:
You will get much better answers in the networking forum as this isn't really all that highly technical.

The root of the problem you are describing is that a VPN will encapsulate your data packet so it can provide it's own security measures. When you do that you have to increase your packet size to accommodate the new header information.

Anytime you try to send a packet that is larger than your MTU you have to break it up into multiple frames so that it can be passed along the network. So if you force your packets to have a frame size much lower than 1500 then when the VPN encapsulates the packet you are still below 1500 and can send the packet along unharmed.

Why is breaking packets up bad? It causes excessive CPU/Memory usage and in the case of a VPN the overhead increases as well. If a packet has to be split up so it can fit inside the MTU size you are having to duplicate the IP headers/VPN headers which creates extra data to send, so you lower the amount of actual data you can send because you have more overhead.
Click to expand...

That makes sence to me, but why would the OP think a smaller MTU was better for VPN, since a smaller MTU would result in more packet splits
 
Because VPN packets need to be tunnelled/encapsulated and the encapsulation takes space. If the MTU of your public network (e.g. Internet) is 1500, then your private packets on your VPN must be smaller, so that they do not have to be fragmented once the baggage of the encapsulation is added.

This wiuld normally be done by the VPN client/server.
 
You're probably on a PPPoE connection and have a router that screws up and sets the MTU to 1500 anyway...lot of (at least some older, popularly used ones) Linksys ones did that. RV016, RV082, etc. Manual 1492, and good times.
 
Status
Not open for further replies.

TRENDING THREADS

Back
Top