How TCP discovers the Path MTU ?

TCP avoids fragmentation by always setting the Don't Fragment (DF) bit in the IP header to discover the path MTU from the ICMP messages sent by routers along the path. This is called Path MTU Discovery. We can try the same thing with UDP using traceroute -F which causes the DF bit to be set in the UDP datagrams sent.

Refer the above diagram :-

Use traceroute to send 1200 bytes of UDP data with the DF bit set from hostB1 to hostC1 where mtu is set to 1064 bytes.

Traceroute output:

traceroute to hostC1.test.ca (10.1.3.1), 64 hops max, 1200 byte packets

1 routerB (10.1.2.254) 0.052 ms

2 routerB (10.1.2.254) 0.051 ms !F-1064

tcpdump output:

16:29:14.992271 IP (tos 0x0, ttl 1, id 36066, offset 0, flags [DF], proto UDP (17), length 1200)

hostB1.36065 > hostC1.33435: UDP, length 1172

16:29:14.992306 IP (tos 0x0, ttl 64, id 31809, offset 0, flags [DF], proto ICMP (1), length 56)

routerB > hostB1: ICMP time exceeded in-transit, length 36

IP (tos 0x0, ttl 1, id 36066, offset 0, flags [DF], proto UDP (17), length 1200)

hostB1.36065 > hostC1.33435: UDP, length 1172

16:29:15.027213 IP (tos 0x0, ttl 2, id 36067, offset 0, flags [DF], proto UDP (17), length 1200)

hostB1.36065 > hostC1.33436: UDP, length 1172

16:29:15.027250 IP (tos 0x0, ttl 64, id 31810, offset 0, flags [DF], proto ICMP (1), length 56)

routerB > hostB1: ICMP hostC1 unreachable - need to frag (mtu 1064), length 36

IP (tos 0x0, ttl 2, id 36067, offset 0, flags [DF], proto UDP (17), length 1200)

hostB1.36065 > hostC1.33436: UDP, length 1172

Discussion:

In frame 1 the UDP datagram has the DF bit set and ttl =1.

In frame 2 is the ICMP time exceeded error message from the routerB.

Frame 3 is the UDP datagram with the DF bit set and ttl =2. When frame 3 arrives at routerB, it must be fragmented but cannot because of the DF bit.

Frame 4 is the ICMP “need to frag but can’t because DF is 1”error message. The mtu is placed in the ICMP header.

[if !supportLineBreakNewLine] [endif]