What's the best MTU setting for a web server?

Question

I manage several web servers and their MTU settings were set at 1500 by default. Some of the machines have an MTU setting of 576. I've read a bunch about MTU and I feel I understand it well enough but I don't have a good sense for the current state of hardware between my router and my user's PCs. Is 1500 a sane MTU to run on a public web server or will I be causing problems for some users? thanks! fz

score 6 · Answer 1 · edited Oct 07 '21 at 06:47

The short answer: "It depends".

The longer answer:

normally the TCP implements path MTU discovery algorithm (RFC1191).

However, the problem is that the middleboxes sometimes drop the ICMP messages "Fragmentation Needed, DF bit set" that are used for this. That said, it is usually infrequent - so you should be ok with the default MTU of 1500 - assuming your side does not filter ICMP unnecessarily, the failures to connect will be caused by the misconfigurations on the client side.

the MTU of 576 is assumed if the host does not implement the Path MTU discovery (if you explicitly disable it). This will cause lower performance for the connections, so better do not touch it.

So, normally 1500 should be a reasonable MTU to run in the vast majority of the cases - unless a very specific case where the firewall administrator on your side is overzealously blocking ICMP and the remote client is connecting via a path with a link inbetween that has a smaller MTU. But still, this case is best fixed by reconfiguring the firewall, so again 1500 should be fine.

If you were stuck behind such a firewall, you might want to try something like 1400. That leaves room for various packet encapsulation techniques that will use part of the default ethernet 1500 (e.g., PPPOE, IPSEC, GRE). But, it leaves it at a reasonable size for relatively high performance. — Dan Pritts, Aug 29 '15 at 03:52

score 2 · Answer 2 · answered Jul 21 '09 at 17:04

2

Sure, 1500 is a sane value.

The best value really requires you to understand a lot of the hardware and protocols you use and how they work. 1500 is a very reasonable starting place.

I haven't used it myself, but the SG TCP Optimizer has been recommend to help you investigate your system.

That all said, the answer "it depends" is very right, and if I was trying to optimize my web server's speed I would start with something I have better control over.

answered Jul 21 '09 at 17:04

Agreed. I'd definitely start with something else. – Jul 21 '09 at 17:07
"It depends" was more about the specific circumstances. Usually you should not need to change it. I've updated my 'longer' answer with more details on what and why. – Jul 21 '09 at 17:11

score -2 · Answer 3 · answered Jul 21 '09 at 17:06

-2

frankzappa. This paper answers your question exactly, and it's a quick read:

ftp://ftp.cup.hp.com/dist/networking/briefs/WebMTU.ps

answered Jul 21 '09 at 17:06

hobodave

2,800
2
23
33

2

Still, you should explain here why, not just link to some other resource. – Prof. Falken Mar 20 '12 at 17:30

What's the best MTU setting for a web server?

3 Answers3