tcp_mtu_probing on by default?

St├ęphane Graber stgraber at
Tue Feb 7 15:01:45 UTC 2012

On 02/07/2012 09:40 AM, Mathieu Trudel-Lapierre wrote:
> On Mon, Feb 6, 2012 at 6:15 PM, Martin Pool<mbp at>  wrote:
>> I have helped a few people recently who were having path MTU discovery
>> problems, causing bulk TCP transfers to hang quasi-intermittently.
>> Once you know the likely cause it's fairly easy but it's a fairly
>> annoying problem for someone who doesn't recognize it.
>> There is a kernel sysctl "sudo sysctl -w net.ipv4.tcp_mtu_probing=1"
>> that seems fairly effective at detecting when the problem is occurring
>> and automatically fixing it.   This implements RFC 4821.  It is off by
>> default in the kernel.  I haven't seen any reports of problems caused
>> by turning it on, but there may be some.
>> I wonder if Ubuntu should turn it on in /etc/sysctl.d?
> Admittedly I haven't really looked much into this and whether it's
> likely to cause issues in some environments, but setting it to 1
> indeed seems relatively safe.
>    0 - Disabled
> ** 1 - Disabled by default, enabled when an ICMP black hole detected
>    2 - Always enabled, use initial MSS of tcp_base_mss.
> This s hould help those network paths for which fragmentation is
> required.On the other hand, enabling this will cause more
> retransmissions of segments in this case, which would mean an increase
> in traffic. I don't think it's likely to be huge, but just something
> to keep in mind.
> The question would be how many people would benefit from this change?
> I'd be tempted to say it probably doesn't affect all that many people
> in general. If you've found a lot of people who had this issue, maybe
> it's worth also trying to figure out if they have the same ISP, if
> they try to connect to the same place, etc. in case it's an issue
> outside their network.
> Mathieu Trudel-Lapierre< at>
> Freenode: cyphermox, Jabber: at
> 4096R/EE018C93 1967 8F7D 03A1 8F38 732E  FF82 C126 33E1 EE01 8C93

I'm surprised this is actually still a problem for IPv4, mtu 
discovery/probing is a very important part of IPv6 (where it's enabled 
by default). Anyone actually requiring this with IPv4 has something 
seriously broken in their or their ISP's network. Typically a sign that 
ICMP is blocked somewhere.

However, looking at the above description from Matt, setting the value 
to 1 doesn't seem too risky. Though if we choose to do it, I'd suggest 
we do it as early as possible and carefully look for bugs.
I'm guessing these bugs will be equally as difficult to find and debug 
as these that triggered this discussion.

St├ęphane Graber
Ubuntu developer

More information about the Ubuntu-devel-discuss mailing list