MTU Settings

Jawhead

Hi, Guys please enlighten me about setting up of MTU on the Interface,
Let say, If I put 1400 MTU on the Interface should I need to enter the value of MSS with -40 on the MTU above? is this required or I can leave it blank?

and also is this normal behavior I put 1400 MTU in One interface and I notice on the -Status->Interfaces all other Interfaces inherit 1400 MTU even that the other interfaces have no value on the MTU settings.

Model: XG-7100 (HA)
Firmware Version: 2.4.4_p2

Thank You

stephenw10

What interface did you apply that on?

You would see it inherited to VLAN interfaces on that parent.

Steve

JKnott

When you set MTU, you shouldn't need to set MSS. If you have to, it indicates a problem somewhere. When you set MTU it puts a maximum size on the packet and, with TCP, the two ends negotiate the maximum size to use. MSS is used by a router to limit the packet size, regardless of what the MTU is set to. I have never needed to set MSS.

Jawhead

@stephenw10 I applied it on port 3. and notice that all interfaces inherit the same MTU including the VLANs configured in Port 5.

Jawhead

@JKnott Thank You so it okay to leave it blank?

stephenw10

Hmm, interesting. The only way that can be set on a virtual interface like that it to set it on the parent which then affects all interfaces on it.

Check ifconfig -a at the command prompt to see which interfaces are actually set. I imagine you will see lagg0 is.

Steve

JKnott

@Jawhead said in MTU Settings:

@JKnott Thank You so it okay to leave it blank?

Yes, unless there's a problem that needs it. Packet size should be determined by the source (and destination with TCP). It's based on the hardware, typically 1500 for Ethernet, though there may be exceptions such as 1492 for DSL connections, where PPPoE is used. In data centres, you may find jumbo frames are used, with 9000 MTU. Regardless of what the original MTU is set to, routers need some means to deal with packets that are too big to pass over the next link. Originally, that was fragmentation, though now moving to Path MTU Detection, where the router will send a "Too big" ICMP message back to the source. Path MTU Detection is mandatory on IPv6. With Linux, it's also used for everything on IPv4, but Windows only uses it for TCP. When you leave MSS blank, the operating system will automagically determine it from the MTU.

Jawhead

@stephenw10 hi Steve here's the output;

I also notice that I can't manually assign the MTU ex. 1500, here's the error when I tried;

Jawhead

@JKnott Hi JKnott thank you, My problem now I can't assign specific MTU for each Interface. :( I don't know where am I missing.

stephenw10

Becasue the MTU of lagg0 is 1400. VLANs on it cannot have a larger MTU.

You can't set separate MTU values. Everything on lagg0 will have the same MTU as lagg0.

Steve

JKnott

@Jawhead said in MTU Settings:

@JKnott Hi JKnott thank you, My problem now I can't assign specific MTU for each Interface. :( I don't know where am I missing.

Are you talking about VLANs or separate interfaces? I just tried on a couple of interfaces and it worked correctly. However, I expect VLANs would be determined by the physical interface. I just tried setting the MTU of a VLAN larger than the physical interface and got the same error as above. However, it doesn't seem to mind a smaller MTU on the VLAN. If you really do need to have different size MTUs, perhaps you can work around this by making VLAN the interface with the smaller MTU.

I expect setting the MTU on the physical interface sets a value in the NIC that the VLANs have to live with.

Jawhead

@stephenw10 Hi Steve that happened when I put a 1400 MTU on Port 3, I have a workaround here [1] Delete the 1400 MTU on Port 3, then for All Interfaces, I will manually enter the default MTU value of 1500, [2] On Port 3 I will put 1400 MTU.
Do think It will work? since the parent, MTU is Larger than 1400?

Jawhead

@JKnott Hi JKnott all those 1-8 interfaces of our appliance is under LAGG0 and each Interface has the VLAN tagged.

I also have a LAGG1 bonded interface of ix0 and ix1 10GB SFP+ each, on the previews version of pfSense before the release of 2.4.4_p2 I can put 9000 MTU but now I'm getting the error of "The MTU of a VLAN cannot be greater than that of its parent interface." which is the default is 1500 as you can see in the image on my previews comment.

JKnott

@Jawhead said in MTU Settings:

On Port 3 I will put 1400 MTU.
Do think It will work? since the parent, MTU is Larger than 1400?

Give it a try and see what happens. Once it's enabled, you can ping with various size packets to ensure the lower MTU is working.

JKnott

@Jawhead said in MTU Settings:

@JKnott Hi JKnott all those 1-8 interfaces of our appliance is under LAGG0 and each Interface has the VLAN tagged.

I also have a LAGG1 bonded interface of ix0 and ix1 10GB SFP+ each, on the previews version of pfSense before the release of 2.4.4_p2 I can put 9000 MTU but now I'm getting the error of "The MTU of a VLAN cannot be greater than that of its parent interface." which is the default is 1500 as you can see in the image on my previews comment.

Well, that's pretty much what we've been saying, a VLAN cannot use a larger MTU than the parent.

Jawhead

@JKnott Hi It's not working, the MTU I set on port 3 is 1400, but when I check on Status-->Interfaces It's still 1500. Take note I rebooted the firewall after changing the MTU.

JKnott

@Jawhead said in MTU Settings:

@JKnott Hi It's not working, the MTU I set on port 3 is 1400, but when I check on Status-->Interfaces It's still 1500. Take note I rebooted the firewall after changing the MTU.

I expect that's due to the MTU being set on the NIC, not in FreeBSD. If so, you're trying to set the same hardware to different MTU. I don't know enough about the network stack to say for certain.