top | item 30831290

(no title)

clone1018 | 3 years ago

MTUs are fun. We (live video streaming platform) were recently investigating issues with users having trouble watching our live video streams when using a VPN. Since we're using WebRTC on the viewer end we thought immediately it was just some WebRTC "protection" trying to not leak the users IP.

Eventually we figured out that Open Broadcaster Software has a compiled configuration of a max MTU of 1392 for the UDP packets we're sending. Generally this is fine because most routers have a default MTU of 1500, however when coupled with some of the VPN technologies, it ends up pushing the MTU over the limit and the video packets get dropped.

Overall MTUs seem to be slightly a not well understood thing, because answers on the internet wildly vary for appropriate ways of handling it. The consensus from some Google/WebRTC folks seems to be that 1200 is a safe and fast default.

> Anyway, 1200 bytes is 1280 bytes minus the RTP headers minus some bytes for RTP header extensions minus a few "let's play it safe" bytes. It'll usually work.

- https://groups.google.com/g/discuss-webrtc/c/gH5ysR3SoZI?pli...

- https://stackoverflow.com/questions/47635545/why-webrtc-chos...

discuss

ignoramous|3 years ago

Reminds me of: https://github.com/tailscale/tailscale/blob/d9a7205be/net/ts...

  // tunMTU is the MTU we set on tailscale's TUN interface. wireguard-go
  // defaults to 1420 bytes, which only works if the "outer" MTU is 1500
  // bytes. This breaks on DSL connections (typically 1492 MTU) and on
  // GCE (1460 MTU?!).
  //
  // 1280 is the smallest MTU allowed for IPv6, which is a sensible
  // "probably works everywhere" setting until we develop proper PMTU
  // discovery.

And: https://datatracker.ietf.org/doc/rfc9000/ (sec 14)

   The maximum datagram size is defined as the largest size of UDP
   payload that can be sent across a network path using a single UDP
   datagram.  QUIC MUST NOT be used if the network path cannot support a
   maximum datagram size of at least 1200 bytes.

   QUIC assumes a minimum IP packet size of at least 1280 bytes.  This
   is the IPv6 minimum size [IPv6] and is also supported by most modern
   IPv4 networks.  Assuming the minimum IP header size of 40 bytes for
   IPv6 and 20 bytes for IPv4 and a UDP header size of 8 bytes, this
   results in a maximum datagram size of 1232 bytes for IPv6 and 1252
   bytes for IPv4.  Thus, modern IPv4 and all IPv6 network paths are
   expected to be able to support QUIC.

      |  Note: This requirement to support a UDP payload of 1200 bytes
      |  limits the space available for IPv6 extension headers to 32
      |  bytes or IPv4 options to 52 bytes if the path only supports the
      |  IPv6 minimum MTU of 1280 bytes.  This affects Initial packets
      |  and path validation.

   Any maximum datagram size larger than 1200 bytes can be discovered
   using Path Maximum Transmission Unit Discovery (PMTUD) (see
   Section 14.2.1) or Datagram Packetization Layer PMTU Discovery
   (DPLPMTUD) (see Section 14.3).

yardstick|3 years ago

1200 MTU often in my experience does the trick.

But, I don’t like the presumption in IPv6 that everything supports 1280. What if there is a VPN running over a 1280-MTU link, what is the MTU of the encrypted IPv6 payload? Now add in a couple more layers of VPNs for good measure.