VLAN: Actual MTU less then MTU

Kentzo · December 8, 2023, 1:47am

Cannot quite wrap my head about both Winbox and Terminal showing Actual MTU of VLAN interfaces (on a bridge) less than MTU: 1458 vs 1500. Smallest L2 MTU is 1560 for a WiFi interface.
Disregarding that, I don’t even understand what can possible add that much overhead as there no IP tunnels.

> /interface/print detail 
Flags: D - dynamic; X - disabled, R - running; S - slave; P - passthrough 
 0  R   name="ether1-gateway" default-name="ether1" type="ether" mtu=1500 actual-mtu=1500 l2mtu=1568 max-l2mtu=9214 
        mac-address=... ifname="eth0" ifindex=17 id=1 last-link-up-time=2023-12-07 16:29:21 link-downs=0 

 1   S  name="ether2" default-name="ether2" type="ether" mtu=1500 actual-mtu=1500 l2mtu=1568 max-l2mtu=9214 
        mac-address=... ifname="eth1" ifindex=18 id=2 link-downs=0 

 2  RS  name="ether3" default-name="ether3" type="ether" mtu=1500 actual-mtu=1500 l2mtu=1568 max-l2mtu=9214 
        mac-address=... ifname="eth2" ifindex=19 id=3 last-link-up-time=2023-12-07 16:29:21 link-downs=0 

 3  RS  name="ether4" default-name="ether4" type="ether" mtu=1500 actual-mtu=1500 l2mtu=1568 max-l2mtu=9214 
        mac-address=... ifname="eth3" ifindex=20 id=4 last-link-up-time=2023-12-07 16:29:21 link-downs=0 

 4  RS  name="ether5" default-name="ether5" type="ether" mtu=1500 actual-mtu=1500 l2mtu=1568 max-l2mtu=9214 
        mac-address=... ifname="eth4" ifindex=21 id=5 last-link-up-time=2023-12-07 16:29:18 link-downs=0 

 5  R   name="bridge" type="bridge" mtu=auto actual-mtu=1500 l2mtu=1560 mac-address=... ifname="br0" 
        ifindex=8 id=8 last-link-up-time=2023-12-07 16:29:04 link-downs=0 

...

 9  R   name="veth-alpine" type="veth" mtu=1500 actual-mtu=1500 mac-address=... ifname="veth27" ifindex=5 
        id=27 last-link-up-time=2023-12-07 16:29:04 link-downs=0 

10  RS  name="veth-iperf" type="veth" mtu=1500 actual-mtu=1500 mac-address=... ifname="veth31" ifindex=6 
        id=31 last-link-up-time=2023-12-07 16:29:04 link-downs=0 

11  R   name="veth-samba" type="veth" mtu=1500 actual-mtu=1500 mac-address=.... ifname="veth23" ifindex=4 
        id=23 last-link-up-time=2023-12-07 16:29:04 link-downs=0 

12  R   name="vlan-iot" type="vlan" mtu=1500 actual-mtu=1458 l2mtu=1556 mac-address=... ifname="vlan9" 
        ifindex=11 id=9 last-link-up-time=2023-12-07 16:29:04 link-downs=0 

13  R   name="vlan-ipsec" type="vlan" mtu=1500 actual-mtu=1458 l2mtu=1556 mac-address=... ifname="vlan10" 
        ifindex=12 id=10 last-link-up-time=2023-12-07 16:29:04 link-downs=0 

14  R   name="vlan-main" type="vlan" mtu=1500 actual-mtu=1458 l2mtu=1556 mac-address=... ifname="vlan11" 
        ifindex=13 id=11 last-link-up-time=2023-12-07 16:29:04 link-downs=0 

15  R   name="vlan-tv" type="vlan" mtu=1500 actual-mtu=1458 l2mtu=1556 mac-address=... ifname="vlan13" 
        ifindex=14 id=13 last-link-up-time=2023-12-07 16:29:04 link-downs=0 

16  R   name="vlan-work" type="vlan" mtu=1500 actual-mtu=1458 l2mtu=1556 mac-address=... ifname="vlan14" 
        ifindex=15 id=14 last-link-up-time=2023-12-07 16:29:04 link-downs=0 

17   S  name="wifi-2.4" default-name="wifi2" type="wifi" actual-mtu=1500 l2mtu=1560 max-l2mtu=1560 
        mac-address=... ifname="ath2" ifindex=26 id=7 link-downs=0 

18  RS  name="wifi-5" default-name="wifi1" type="wifi" actual-mtu=1500 l2mtu=1560 max-l2mtu=1560 
        mac-address=... ifname="ath1" ifindex=25 id=6 last-link-up-time=2023-12-07 16:30:32 link-downs=0 

19  RS  name="wifi-iot" type="wifi" actual-mtu=1500 l2mtu=1560 max-l2mtu=1560 mac-address=... ifname="ath3" 
        ifindex=27 id=17 last-link-up-time=2023-12-07 16:29:21 link-downs=0 

20  R   name="wifi-link" type="wifi" mtu=1542 actual-mtu=1542 l2mtu=1560 max-l2mtu=1560 mac-address=... 
        ifname="ath4" ifindex=28 id=32 last-link-up-time=2023-12-07 16:29:21 link-downs=0 

21  XS  name="wifi-work-2.4" type="wifi" actual-mtu=1500 l2mtu=1560 max-l2mtu=1560 mac-address=... 
        ifname="ath89" ifindex=118 id=18 last-link-down-time=2022-08-05 07:52:20 last-link-up-time=2022-08-05 07:46:09 
        link-downs=0 

22  RS  name="wifi-work-5" type="wifi" actual-mtu=1500 l2mtu=1560 max-l2mtu=1560 mac-address=... 
        ifname="ath5" ifindex=29 id=19 last-link-up-time=2023-12-07 16:31:12 link-downs=0

Amm0 · December 8, 2023, 2:21am

That doesn’t look right…

Maybe run a quick sniffer on the VLAN to see if the packets are actually getting a reduced MTU (e.g. is a bug in /interface/print OR actually reducing MTU).

I guess the other thing to try is set the bridge MTU to be explicitly 1500, instead of blank/=“auto”. The bridge is kinda weird that it takes the lowest MTU of all member ports — but in your case nothing is lower, so “auto” should actually be fine (1500 MTU), in theory.

Kentzo · December 8, 2023, 2:44am

There was an EoIP slave interface as a bridge port that had MTU of 1458, but it’s now gone. The reboot fixed Actual MTU back to 1500.

Kentzo · December 8, 2023, 2:47am

Funny thing:

Pings (ping -D -s 1472 1.1.1.1) from the host on one of these VLANs to Internet behaved as if MTU was 1500. BUT Pings (:ping 192.168.2.201 do-not-fragment size=1458) from the router to that very host behaves as if MTU was 1458.

*note to my self that RouterOS’s size parameter includes Data + ICMP + IP header, while BSD’s in just Data.