The Weirdest Internet Problem: Some Sites Work, Others Don't
Your internet is working. You can Google things. YouTube loads. Reddit works fine. But your bank website won't load. Your work VPN connects but then nothing works through it. Gmail is fine but you can't access certain websites.
Speed test shows good speeds. Ping works. You're definitely connected. But specific sites just timeout or hang forever.
This bizarre symptom pattern screams MTU problem (Maximum Transmission Unit). Your network is sending packets that are too large, getting fragmented or dropped, and breaking specific websites while leaving others working fine.
What MTU Actually Is (Simple Version)
MTU is the maximum packet size your network allows. Think of it like maximum box size for shipping:
- Standard MTU: 1500 bytes (works everywhere)
- Your network MTU: Maybe set to 1500
- But somewhere in the path: A device only handles 1400 bytes
- Result: Large packets get dropped, small packets work fine
Why some sites work and others don't:
- Google homepage: Small packets, loads fine
- Banking site with heavy security: Large packets, gets dropped
- Plain email: Small packets, works
- Email with attachments: Large packets, fails
How to Know If MTU Is Your Problem
Classic MTU problem symptoms:
- VPN connects but nothing works through it
- VPN connects successfully - But web browsing, apps all timeout - This is the #1 MTU symptom
- Some websites load, others don't
- Simple sites: work fine - Complex sites with HTTPS/security: fail - Pattern is consistent (same sites always fail)
- Can ping but can't browse certain sites
- Small ping packets: work - Large web packets: fail
- Works on mobile data but not WiFi (or vice versa)
- Different networks have different MTU limits - Problem appears only on one network
- SSH/remote desktop connects but hangs during use
- Initial connection: small packets, works - Data transfer: large packets, fails
Quick MTU Test (Windows)
Test if your MTU is causing issues:
ping google.com -f -l 1472What this does: Sends 1472 byte packet that can't be fragmented
Good result:
Reply from 142.250.80.46: bytes=1472 time=15msMTU is fine.
Bad result:
Packet needs to be fragmented but DF setMTU problem confirmed.
If it fails, test smaller sizes:
ping google.com -f -l 1464
ping google.com -f -l 1400
ping google.com -f -l 1352Find the largest size that works. That's your actual MTU limit (add 28 to the number).
Quick MTU Test (Mac/Linux)
ping -D -s 1472 google.comMac alternative:
ping -D -s 1464 google.comSame logic: find largest packet size that doesn't get dropped.
How to Fix MTU Issues
Fix 1: Lower MTU on Your Network Adapter (Windows)
Step 1: Open Command Prompt as Administrator
Step 2: Find your network interface name:
netsh interface ipv4 show subinterfacesStep 3: Set MTU to 1400 (safe value):
netsh interface ipv4 set subinterface "Wi-Fi" mtu=1400 store=persistent(Replace "Wi-Fi" with your interface name)
Step 4: Test if websites now work
If 1400 works, you can try increasing:
- Try 1450, test
- Try 1480, test
- Find sweet spot where everything works
Fix 2: Lower MTU on Mac
Step 1: Find your network interface:
networksetup -listallhardwareportsStep 2: Set MTU:
sudo networksetup -setMTU Wi-Fi 1400Step 3: Verify:
networksetup -getMTU Wi-FiFix 3: Lower MTU on Linux
Temporary (until reboot):
sudo ip link set dev eth0 mtu 1400Permanent (add to /etc/network/interfaces):
iface eth0 inet dhcp
mtu 1400Fix 4: Router MTU Setting (Affects All Devices)
Better solution: Fix it at router level so all devices benefit.
- Login to router (192.168.1.1 or similar)
- Find "MTU" setting (usually in WAN or Advanced settings)
- Change from 1500 to 1400 or 1450
- Save and reboot router
Common locations:
- TP-Link: Network > WAN > MTU Size
- Netgear: Advanced > Setup > WAN Setup > MTU Size
- ASUS: WAN > Internet Connection > MTU
- Linksys: Connectivity > Internet Settings > MTU
VPN-Specific MTU Fix
If VPN connects but nothing works:
Most VPN software has MTU settings.
OpenVPN: Add to config file:
mssfix 1400
tun-mtu 1400WireGuard: Set MTU in interface config:
MTU = 1400Commercial VPN apps:
- Look for "MTU" in advanced settings
- Try values: 1400, 1420, 1450
- Test until it works
Why MTU Problems Happen
Common causes:
- PPPoE connections (DSL internet)
- PPPoE adds 8 byte overhead - Standard 1500 MTU becomes 1492 effective - Some devices don't handle this well
- VPN/tunnels
- Encryption adds overhead - 1500 MTU packets become too large when encrypted - Need lower MTU for VPN traffic
- ISP network equipment
- Some ISPs use MTU < 1500 internally - Don't advertise this to customers - Causes mysterious failures
- Multiple layers of tunneling
- VPN through VPN - VPN over PPPoE - Each layer adds overhead
How to Find Optimal MTU
Formula: Optimal MTU = (Largest working ping packet size) + 28
Example:
ping -f -l 1464worksping -f -l 1472fails- Optimal MTU = 1464 + 28 = 1492
Common safe MTU values:
- 1500: Standard, works most places
- 1492: PPPoE connections
- 1450: Safe for most VPNs
- 1400: Very conservative, works almost everywhere
- 1280: Minimum for IPv6, always works but inefficient
The Bottom Line
If some websites work but others don't, or VPN connects but traffic doesn't flow, you probably have an MTU problem.
Quick diagnosis:
ping google.com -f -l 1472If this fails, MTU is your issue.
Quick fix: Lower MTU to 1400 on your network adapter or router. Test if problems disappear.
Optimal fix: Test different MTU values (1400, 1450, 1480) to find highest value that works reliably. Use that.
Where to set it:
- Router: Affects all devices (best option)
- Network adapter: Affects just one device
- VPN software: Only affects VPN traffic
Most people never encounter MTU issues. But when you do, the symptoms are bizarre enough that you'll waste hours troubleshooting everything else first. Now you know what to check.