Mac OSX – Testing Packet Fragmentation Over VPN

KB ID 0001204 


Many moons ago I wrote a post about a problem where I had no RDP over a VPN connection, and all the hoops I jumped though to troubleshoot and fix the problem.

Today I had a similar problem, I was connected to a client via Cisco AnyConnect, and I had hair-pinned that traffic, from the client site, over an IPSEC VPN to their servers in the Data Center. Pings were successful, but not RDP. 

To be honest this affects various types of TCP traffic, but it only ever seems to trip me up with RDP! In the past I used to ping and set the traffic to ‘not fragment’ and manually set the packet size, then I increased/decreased the packet size until I found the optimal MTU size like this;

Windows- Packet Fragementation

But these are Windows options, how can I do the same thing on my Mac?



Well things on the Mac are even easier! It will even find the value for you, (in a manner of sorts). You set the minimum packet size, and the maximum packet size, and ask it to increment each ping packet by one. Below I’ve narrowed the scope to fit it on one screenshot;

MAC-OSX - Packet Fragementation


ping -g {lowest-value} -G {highest-value} -h 1 -D {IP-address}

As you can see above, I started at 1370 and the last ‘working’ ping was sequence 8, so the last working value was 1378


Related Articles, References, Credits, or External Links


Author: PeteLong

Share This Post On

1 Comment

  1. This is excellent. I’m trying to figure out how I can do this programmatically to find where the fragmentation occurs. In order to do that I have to use a switch in the ping command to stop the pings after a certain number of attempts. The “-c x” doesn’t seem to work.

    Post a Reply

Leave a Reply to Steve Evans Cancel reply

Your email address will not be published. Required fields are marked *