Why is 1500 bytes the standard MTU for the internet?

1,500 bytes was chosen for 10 Mbps Ethernet in the 1980s as a balance between header overhead efficiency and the time required to regain access to the physical wire. While speeds have increased 10,000x, changing the 'Magic 1,500' would require every device on the internet to update simultaneously, creating massive compatibility issues.

What is an MTU Black Hole?

An MTU Black Hole occurs when a link has a smaller MTU than the sender expects, and a firewall in the path is blocking ICMP 'Fragmentation Needed' messages. The sender never learns to shrink its packets, so large packets are silently dropped while smaller ones (like Pings) continue to work.

How does VXLAN affect my MTU?

VXLAN (and other tunnels like GRE or IPsec) adds extra headers to the original packet (typically 50 bytes for VXLAN). If the original packet was 1,500 bytes, the encapsulated packet becomes 1,550 bytes. If the physical network only supports 1,500, the packet will be dropped or fragmented unless you shrink the inner MTU or enable Jumbo Frames on the physical wire.

What is MSS Clamping?

MSS Clamping is a technique where a router intercepts the TCP SYN packet and modifies the MSS value inside the header. By reducing the MSS (e.g., to 1,360), the router forces the two endpoints to send smaller packets that will fit through a tunnel without fragmentation.

Does UDP have an MSS equivalent?

No. UDP is connectionless and lacks the negotiation phase of TCP. Applications using UDP (like QUIC or Video Streaming) must implement their own MTU discovery mechanisms (like Packetization Layer Path MTU Discovery - PLPMTUD) to avoid fragmentation.

MTU & MSS Logic: Packet Sizing Forensics

The Layer 2 Ceiling

1. $\\text{MTU}$ : The Maximum Transmission Unit

The $\\text{MTU}$ is the largest frame that a physical network interface can transmit without fragmentation. On Ethernet, the 'Magic Number' is $1{,}500\\, \\text{bytes}$ . Everything—from your laptop to the switches in the core—is tuned to this number.

The Header Forensics

\\text{Ethernet Payload (MTU)} = 1{,}500\\, \\text{bytes}

This $1{,}500\\, \\text{bytes}$ includes the $\\text{IP}$ header ( $20\\, \\text{bytes}$ ) and the $\\text{TCP}$ header ( $20\\, \\text{bytes}$ ). Therefore, the actual data (the Maximum Segment Size - $\\text{MSS}$ ) is $1{,}460\\, \\text{bytes}$ . If you add $\\text{VLAN}$ tags ( $\\text{802.1Q}$ ), an extra $4\\, \\text{bytes}$ are consumed, although most modern $\\text{NICs}$ allow $1{,}500$ payload bytes *exclusive* of the $\\text{L2}$ framing.

Loading Visualization...

The Layer 4 Treaty

2. $\\text{MSS}$ : The Maximum Segment Size Negotiation

Unlike $\\text{MTU}$ , which is a hardware limit, the $\\text{MSS}$ is a negotiated agreement between two $\\text{TCP}$ hosts. During the 3-Way Handshake, each side says: 'I can accept a payload up to $\\text{X}$ bytes.'

RFC 879: The $\\text{MSS}$ Logic

\\text{MSS} = \\text{MTU}_{\\text{local}} - 40\\, \\text{bytes}

If $\\text{H1}$ has an $\\text{MTU}$ of $1{,}500$ , it sends a $\\text{SYN}$ with $\\text{MSS}=1{,}460$ . If $\\text{H2}$ is on a $\\text{VPN}$ with an $\\text{MTU}$ of $1{,}400$ , it responds with $\\text{MSS}=1{,}360$ . The $\\text{TCP}$ stack automatically chooses the *lowest common denominator* for the session.

The Path Discovery

3. Path $\\text{MTU}$ Discovery: The Feedback Loop

How does a server in California know that a home router in London has an $\\text{MTU}$ of $1{,}492$ ( $\\text{PPPoE}$ )? $\\text{PMTUD}$ .

The $\\text{DF}$ -Bit Protocol

Sender sets the Don't Fragment ( $\\text{DF}$ ) bit in the $\\text{IP}$ header.
Small-bore router encounters the packet.
Router sends back an $\\text{ICMP}$ Type 3 Code 4 (Fragmentation Needed).
Sender receives the $\\text{ICMP}$ , updates its path $\\text{MTU}$ , and resends.

The Silent Killer:

Many security 'experts' block $\\text{ICMP}$ 'for security.' This breaks $\\text{PMTUD}$ , creating an $\\text{MTU}$ Black Hole. Small packets ( $\\text{SYNs}$ ) work, but full-sized data packets are silently discarded. The connection hangs indefinitely. NEVER BLOCK ALL $\\text{ICMP}$ .

The Overhead Cost

4. Encapsulation Hydraulics: VXLAN & Jumbo Frames

Modern fabrics use overlays ( $\\text{VXLAN}$ , $\\text{GENEVE}$ ). These add headers to the packet, creating a 'Sizing Paradox.'

The $\\text{VXLAN}$ Math

Standard Packet: $1{,}500\\, \\text{bytes}$ .
$\\text{VXLAN}$ Overhead: $50\\, \\text{bytes}$ ( $\\text{Ethernet}$ , $\\text{IP}$ , $\\text{UDP}$ , $\\text{VXLAN}$ ).
Encapsulated Packet: $1{,}550\\, \\text{bytes}$ .

If the core network only supports 1,500, we must either shrink the server $\\text{MTU}$ to $1{,}450$ (which hurts performance) or enable Jumbo Frames ( $9{,}000\\, \\text{bytes}$ ) on the physical switches. In 2026, Jumbo Frames are mandatory for any high-performance fabric.

// Scientific Audit: Verified against

\\text{RFC 791}

(

\\text{IP}

\\text{RFC 793}

(

\\text{TCP}

\\text{RFC 1191}

(

\\text{PMTUD}

), and

\\text{RFC 7348}

(

\\text{VXLAN}

) as of

\\text{Q2 2026}

Frequently Asked Questions

Technical Standards & References

IETF

RFC 791: Internet Protocol Specification

VIEW OFFICIAL SOURCE

IETF

RFC 1191: Path MTU Discovery

VIEW OFFICIAL SOURCE

IETF

RFC 4821: Packetization Layer Path MTU Discovery

VIEW OFFICIAL SOURCE

Cloudflare Engineering

The Story of the MTU

VIEW OFFICIAL SOURCE

Cisco Systems

VXLAN MTU: Design Considerations

VIEW OFFICIAL SOURCE

Mathematical models derived from standard engineering protocols. Not for human safety critical systems without redundant validation.

Related Engineering Resources

Interactive Tool

TCP Optimization

Deep dive into congestion control and window sizing.

Interactive Tool

OSI Model Forensics

Understanding where MTU and MSS live in the stack.

Interactive Tool

VXLAN Encapsulation

The forensics of the tunnel overhead.

Interactive Tool

BGP EVPN Fabrics

The control plane for jumbo-enabled networks.

Partner in Accuracy

"You are our partner in accuracy. If you spot a discrepancy in calculations, a technical typo, or have a field insight to share, don't hesitate to reach out. Your expertise helps us maintain the highest standards of reliability."

Contributors are acknowledged in our technical updates.

In a Nutshell

1. textMTU\\text{MTU}textMTU: The Maximum Transmission Unit

The Header Forensics

2. textMSS\\text{MSS}textMSS: The Maximum Segment Size Negotiation

RFC 879: The textMSS\\text{MSS}textMSS Logic

3. Path textMTU\\text{MTU}textMTU Discovery: The Feedback Loop

The textDF\\text{DF}textDF-Bit Protocol

The Silent Killer:

4. Encapsulation Hydraulics: VXLAN & Jumbo Frames

The textVXLAN\\text{VXLAN}textVXLAN Math

Frequently Asked Questions

Technical Standards & References

Related Engineering Resources

TCP Optimization

OSI Model Forensics

VXLAN Encapsulation

BGP EVPN Fabrics

1. $\\text{MTU}$ : The Maximum Transmission Unit

2. $\\text{MSS}$ : The Maximum Segment Size Negotiation

RFC 879: The $\\text{MSS}$ Logic

3. Path $\\text{MTU}$ Discovery: The Feedback Loop

The $\\text{DF}$ -Bit Protocol

The $\\text{VXLAN}$ Math