0Optimising WAN MTU for BT Infinity

Since switch­ing from my BT SmartHub to a pfsense router I’ve had a few minor teeth­ing prob­lems. One of which has been the squid proxy ser­vice caus­ing a prob­lem where I can’t access the BBC web­site with an error. Whilst I did even­tu­ally fix this through a slightly strange meth­od, I encountered a pos­sible source of the prob­lem which was worth fix­ing on it’s own


When I turned squid off I was imme­di­ately able to access the BBC web­site, but with it turned on I con­sist­ent received an error from squid that there had been a “Zero Sized Reply”. It seemed squid was unable to get any reply from the BBC. One pos­sible cause of this could be frag­men­ted pack­ets being dropped, and the cause of frag­ment­a­tion is nor­mally MTU size.

The default MTU for Eth­er­net is 1500 and most mod­ern oper­at­ing sys­tems man­age things on the LAN auto­mat­ic­ally. It is pos­sible to use sizes up to 9000 to increase through­put (slightly) for the LAN. How­ever, this was of less interest to me than mak­ing sure pack­ets weren’t get­ting frag­men­ted mul­tiple times, or being frag­men­ted after leav­ing the router.

With the pfsense WAN MTU set to default (1500) I tried some pinging from win­dows to see what the max­im­um size was without frag­ment­a­tion. The com­mand to use is ping google.com -f -l 1500, chan­ging the last num­ber to find the optim­um. My BT Infin­ity con­nec­tion uses PPPoE which typ­ic­ally has a max­im­um value of 1492 (it may in fact really use PPPoA which my bridged modem can present as PPPoE to pfsense, dif­fer­ent sources say dif­fer­ent things about this), and when using ping it is neces­sary to take into account some over­head which has a value of 28, so I was expect­ing a ping MTU of 1464 to be the largest I could use. To my sur­prise this still res­ul­ted in frag­ment­a­tion and I even­tu­ally found the max­im­um I could use was 1456.

I used this value (with 28 added back on) to set a MTU value of 1484 in the WAN inter­face set­tings of pfsense. Now the only frag­ment­a­tion should be done by the router to LAN pack­ets, with no risk of any later frag­ment­a­tion from a router some­where between me and any par­tic­u­lar web­site. After clear­ing my browser cache and the squid cache I was then able to load the BBC web­site suc­cess­fully. I sus­pect the issue was caused by a router black­hol­ing issue some­where between my ISP and the BBC serv­ers which was drop­ping the frag­men­ted pack­ets. A nice descrip­tion of the phe­nomen­on can be found on RCL’s Blog

Please send us your thoughts by commenting below! If you would like to subscribe please use the subscribe link on the menu at the top right. You can also share this with your friends by using the social links below. Cheers.

Leave a Reply