Maximum transmission unit overview

VPC networks have a default maximum transmission unit (MTU) of 1460 bytes. However, you can configure your VPC networks to have an MTU of 1500 bytes.

The MTU is the size, in bytes, of the largest packet supported by a network layer protocol, including both headers and data. In Google Cloud, you set the MTU for each VPC network, and VM instances that use that network must also be configured to use that MTU for their interfaces. The network's MTU setting is communicated to a VM when that VM requests an IP address using DHCP. DHCP Option 26 contains the network's MTU.

The MTU impacts both UDP and TCP traffic:

• If a UDP packet is sent that is larger than the destination can receive or that exceeds the MTU on some network link on the path to the destination, then the packet is dropped if the Don't-Fragment flag is set. When it gets dropped, an ICMP packet of the type Fragmentation-Needed is sent back to the sender. For more information on path discovery, see PMTUD.
• If a UDP packet is sent that is larger than the destination can receive or that exceeds the MTU on some network link towards the destination, then it is (generally) fragmented if the Don't-Fragment flag is not set. This fragmentation is done where a mismatch is detected: this could be at an intermediate router or even at the sender itself if a packet is sent that is larger than the MTU.
• TCP negotiates the maximum segment size (MSS) during connection setup time. Packets are then segmented into the smaller MTU size of both endpoints of the connection.

VMs and MTU settings

Linux VMs based on Google-provided OS images automatically have their interface MTU set to the MTU of the VPC network when they are created. If a VM has multiple network interfaces, each interface is set to the MTU of the attached network. If you change the MTU of a VPC that has running VMs, you must stop and then start those VMs to pick up the new MTU. When the VMs start up again, the changed network MTU is communicated to them from DHCP.

Windows VMs do not automatically configure their interfaces to use the VPC network's MTU when they start. Instead, Windows VMs based on Google-provided OS images are configured with a fixed MTU of 1460. If you change the MTU of a VPC network that contains Windows VMs based on Google-provided OS images, you must change the MTU setting for the Windows VM.

Verify MTU settings on any VMs that use custom images. It is possible that they might honor the VPC network's MTU, but it is also possible that their MTUs might be set to a fixed value.

For instructions, see Change the MTU setting of a VPC network.

Consequences of mismatched MTUs

A mismatched MTU is defined as two communicating VM instances that have different MTU settings. This can, in a limited number of cases, cause connectivity problems. Specific cases involve the use of instances as routers and the use of Kubernetes inside VMs.

In most common scenarios, TCP connections established between instances with different MTUs are successful due to the MSS negotiation, where both ends of a connection will agree to use the lower of the two MTUs.

This applies whether the two VMs are in the same network or peered networks.

MTU differences with Cloud VPN

For information about Cloud VPN and MTU, see Tunnel MTU.

MTU differences with Cloud Interconnect

Cloud Interconnect can have an MTU of 1440 or 1500.

If the communicating VMs have an MTU of 1500 and the Interconnect connection has an MTU of 1440, MSS clamping reduces the MTU of TCP connections to 1440 and TCP traffic proceeds.

MSS clamping does not affect UDP packets, so if the VPC network has an MTU of 1500 and the Interconnect connection has an MTU of 1440, then UDP datagrams with more than 1412 bytes of data (1412 bytes UDP data + 8 byte UDP header + 20 byte IPv4 header = 1440) are dropped. In such a case, you can do one of the following:

• Lower the MTU of the attached VPC network to 1460.
• Adjust your application to send smaller UDP packets.
• Create a new Interconnect connection of 1500 bytes

For more information about Cloud Interconnect and MTU, see Cloud Interconnect MTU.

What's next

• Change the MTU setting of a VPC network.