Yandex Cloud
  • Services
  • Solutions
  • Why Yandex Cloud
  • Pricing
  • Documentation
  • Contact us
Get started
Language / Region
© 2022 Yandex.Cloud LLC
Yandex Virtual Private Cloud
  • Getting started
  • Step-by-step instructions
    • All instructions
    • Cloud network
      • Creating a cloud network
      • Deleting a cloud network
      • Updating a cloud network
    • Subnet
      • Creating a subnet
      • Deleting a subnet
      • Updating a subnet
      • Viewing a list of used addresses
    • IP address
      • Reserving a static public IP address
      • Making a dynamic public IP address static
      • Making a static public IP address dynamic
      • Deleting a static public IP address
    • Static routing
      • Creating a static route
      • Enabling NAT to the internet
    • Security groups
      • Create a security group
      • Update a security group and rules
      • Delete a security group
    • Enable a software-accelerated network
    • Protection from DDoS attacks
      • Enable protection from DDoS attacks
  • Practical guidelines
    • Architecture and protection of a basic internet service
    • DHCP settings for working with a corporate DNS server
  • Concepts
    • Relationship between service resources
    • Cloud networks and subnets
    • Cloud resource addresses
    • Static routes
    • Security groups
    • Public IP address ranges
    • MTU and MSS
    • DHCP settings
    • Software-accelerated network
    • Quotas and limits
  • DDoS Protection
  • Access management
  • Pricing policy
    • Current pricing policy
    • Archive
      • Before January 1, 2019
  • API reference
    • Authentication in the API
    • REST
      • Overview
      • Address
        • Overview
        • create
        • delete
        • get
        • getByValue
        • list
        • listOperations
        • move
        • update
      • Gateway
        • Overview
        • create
        • delete
        • get
        • list
        • listOperations
        • move
        • update
      • Network
        • Overview
        • create
        • delete
        • get
        • list
        • listOperations
        • listRouteTables
        • listSecurityGroups
        • listSubnets
        • move
        • update
      • RouteTable
        • Overview
        • create
        • delete
        • get
        • list
        • listOperations
        • move
        • update
      • SecurityGroup
        • Overview
        • create
        • delete
        • get
        • list
        • listOperations
        • move
        • update
        • updateRule
        • updateRules
      • Subnet
        • Overview
        • addCidrBlocks
        • create
        • delete
        • get
        • list
        • listOperations
        • move
        • removeCidrBlocks
        • update
      • Operation
        • Overview
        • get
    • gRPC
      • Overview
      • AddressService
      • GatewayService
      • NetworkService
      • RouteTableService
      • SecurityGroupService
      • SubnetService
      • OperationService
  • Questions and answers
  1. Concepts
  2. MTU and MSS

MTU and TCP MSS

Written by
Yandex.Cloud

    The maximum transmission unit (MTU) is the maximum size of a data packet, in bytes, that can be communicated over a network segment.

    The standard MTU is 1500 bytes, but MTUs may vary in different networks that packets are transmitted through. For example, when DDoS Protection or VPN tunnels are used, the MTU value should be lower to make sure that packets are not lost. Packet loss due to MTU problems may look like an unresponsive TCP session, for example, during the TLS Handshake or SSH access.

    There are several ways to impact the size of transmitted packets:

    1. Set the MTU through your VM interface: this will affect all types of transmitted packets.
    2. Set the TCP MSS (maximum segment size). The TCP MSS can only be set for certain packets, for example, those passed via the default route.

    If DDoS Protection is enabled, we recommend setting the MTU to 1450 (if you need to limit the size of all packets), and the TCP MSS to 1410 (if you need to limit the size of TCP packets only).

    If you use VPN tunnels, reduce the MTU and TCP MSS values to the size of the tunnel headers and TCP headers that are used.

    Was the article helpful?

    Language / Region
    © 2022 Yandex.Cloud LLC