Loading learning content...
All the preceding fields—Preamble, SFD, MAC addresses, Type/Length—exist to serve one purpose: reliably delivering the Payload from source to destination. The payload is where the actual data lives—the IP packets, ARP requests, DHCP messages, and all other upper-layer protocol information that applications and network services need to exchange.
The payload field is the heart of the Ethernet frame. Understanding its size constraints, padding requirements, and relationship to MTU (Maximum Transmission Unit) is essential for network design, troubleshooting fragmentation issues, and optimizing throughput.
By the end of this page, you will understand the minimum and maximum payload sizes for standard Ethernet, why minimum payload size exists and how padding is applied, the concept of MTU and its relationship to frame size, jumbo frames, baby giants, and their applications, and how encapsulation overhead affects effective payload capacity.
The Ethernet payload has well-defined minimum and maximum size limits that have remained essentially unchanged since original Ethernet.
The Fundamental Limits:
| Constraint | Standard Ethernet | With VLAN Tag | Notes |
|---|---|---|---|
| Minimum Payload | 46 bytes | 42 bytes | Ensures minimum frame size |
| Maximum Payload (MTU) | 1500 bytes | 1500 bytes | Original Ethernet limit |
| Minimum Frame Size | 64 bytes | 64 bytes | Collision detection |
| Maximum Frame Size | 1518 bytes | 1522 bytes | On the wire (FCS included) |
Where the Numbers Come From:
Minimum MAC Frame (64 bytes):
Destination MAC: 6 bytes
Source MAC: 6 bytes
Type/Length: 2 bytes
Payload: 46 bytes (minimum)
FCS: 4 bytes
─────────────────────────
Total: 64 bytes
Maximum MAC Frame (1518 bytes):
Destination MAC: 6 bytes
Source MAC: 6 bytes
Type/Length: 2 bytes
Payload: 1500 bytes (maximum)
FCS: 4 bytes
─────────────────────────
Total: 1518 bytes
| Component | Size (bytes) | Included in Frame Size? | Included in MTU? |
|---|---|---|---|
| Preamble | 7 | No | No |
| SFD | 1 | No | No |
| Destination MAC | 6 | Yes | No |
| Source MAC | 6 | Yes | No |
| 802.1Q Tag (if present) | 4 | Yes | No |
| Type/Length | 2 | Yes | No |
| Payload (data + padding) | 46-1500 | Yes | Yes (data only) |
| FCS | 4 | Yes (sometimes) | No |
| Inter-Packet Gap | 12 | No | No |
MTU (Maximum Transmission Unit) refers specifically to the maximum payload size—the data that upper-layer protocols can send in a single frame. For standard Ethernet, MTU = 1500 bytes. The frame size (1518/1522 bytes) includes the Ethernet header and trailer. Network engineers must be precise about which measurement they're discussing.
The 64-byte minimum frame size (requiring 46 bytes minimum payload) isn't arbitrary—it's a fundamental requirement of CSMA/CD (Carrier Sense Multiple Access with Collision Detection), the medium access control method used in half-duplex Ethernet.
The Collision Detection Requirement
In CSMA/CD, a transmitting station must be able to detect a collision while it's still transmitting. If a collision occurs, both stations will see corrupted signals and initiate the backoff-retry procedure. But if the transmitter finishes its frame before the collision signal propagates back from the far end of the cable, it won't know a collision occurred.
The Physics:
Station A ─────────── Maximum cable length ─────────── Station B
◀───────────── 2500 meters ──────────────▶
(10BASE5 maximum)
Calculating Minimum Frame Size:
The round-trip time for a signal to travel the maximum cable distance and back (accounting for repeaters, delays, etc.) is called the slot time. For 10 Mbps Ethernet:
Therefore, a frame must be at least 64 bytes to ensure the transmitter is still sending when a worst-case collision signal returns.
| Ethernet Speed | Slot Time | Bits per Slot | Minimum Frame (bytes) |
|---|---|---|---|
| 10 Mbps | 51.2 µs | 512 bits | 64 bytes |
| 100 Mbps | 5.12 µs | 512 bits | 64 bytes |
| 1 Gbps (half-duplex) | 4.096 µs | 4096 bits | 512 bytes* |
| 10+ Gbps | Full-duplex only | N/A | 64 bytes (compatibility) |
*Note on Gigabit Ethernet: Gigabit Ethernet in half-duplex mode would require a 512-byte minimum frame for proper collision detection. To maintain backward compatibility with 64-byte minimums, Gigabit Ethernet introduced carrier extension—padding the transmission time (not the frame) to 512 bytes. In practice, virtually all Gigabit Ethernet runs full-duplex where CSMA/CD is disabled and minimum frame size is purely for compatibility.
Full-Duplex Operation
Modern Ethernet networks operate almost exclusively in full-duplex mode, where:
Despite this, the 64-byte minimum frame size is preserved for:
A frame smaller than 64 bytes is called a 'runt' and is invalid. Runts are typically caused by collisions (in half-duplex), faulty NICs, or software bugs. Network interface statistics track runt frame counts; high numbers indicate physical layer or cabling problems.
When the upper-layer payload is smaller than 46 bytes, the transmitting NIC must add padding to reach the minimum frame size. This padding is transparent to higher layers—the receiver's network stack removes it before delivering data to protocols.
Padding Rules:
Example: ARP Request
ARP (Address Resolution Protocol) messages are always 28 bytes for IPv4:
| Field | Size | Content |
|---|---|---|
| Destination MAC | 6 bytes | FF:FF:FF:FF:FF:FF (broadcast) |
| Source MAC | 6 bytes | Sender's MAC address |
| EtherType | 2 bytes | 0x0806 (ARP) |
| ARP Payload | 28 bytes | Hardware type, protocol, addresses... |
| Padding | 18 bytes | 0x00 0x00 0x00 ... (18 zeros) |
| FCS | 4 bytes | CRC-32 of frame |
| Total | 64 bytes | Meets minimum requirement |
How Does the Receiver Know Where Data Ends and Padding Begins?
The Ethernet frame itself provides no explicit padding indicator. Instead, upper-layer protocols include their own length information:
The receiving network stack:
Example: 10-byte IP packet (theoretical minimum):
Ethernet payload received: 46 bytes
IP header 'Total Length': 10 bytes
Protocol stack action: Process 10 bytes, discard 36 bytes padding
Padding Security Consideration
Padding bytes should be zeros, but the standard doesn't strictly require this. Some implementations have leaked memory contents in padding bytes (a security vulnerability). Modern NICs typically ensure padding is zeroed to prevent information leakage.
Wireshark displays padding as 'Padding' or 'Trailer' bytes at the end of the Ethernet frame. For an ARP packet, you'll see '18 bytes of padding'. This is helpful for verifying that small packets are correctly padded and for investigating unusual padding content.
The Maximum Transmission Unit (MTU) is the largest amount of data (in bytes) that can be encapsulated in a single frame's payload. For standard Ethernet, MTU = 1500 bytes.
Why 1500 Bytes?
The 1500-byte limit was established in the original Ethernet specification (DIX Ethernet, 1980). The exact rationale involved:
These constraints were carefully balanced for the technology of the era, and the 1500-byte MTU has remained the default for decades.
MTU in Network Configuration
MTU is configured on network interfaces and must match along a communication path:
# Linux - show interface MTU
ip link show eth0
# Output: ... mtu 1500 ...
# Linux - set interface MTU
ip link set eth0 mtu 9000
# Windows - show MTU
netsh interface ipv4 show interfaces
# Windows - set MTU
netsh interface ipv4 set subinterface "Ethernet" mtu=9000
IP Fragmentation and MTU
When an IP packet is larger than the MTU of an outgoing interface, one of two things happens:
Fragmentation (IPv4 default): The packet is broken into smaller fragments that each fit within the MTU. Fragments are reassembled at the destination.
Packet Too Big / Fragment Needed (Path MTU Discovery): With Don't Fragment (DF) bit set, the router drops the packet and sends an ICMP error indicating the MTU. The sender then reduces packet size.
Fragmentation should generally be avoided due to:
Path MTU Discovery (PMTUD)
Modern systems use PMTUD to discover the smallest MTU along the entire path:
If ICMP is blocked by firewalls, Path MTU Discovery fails silently. Packets that need fragmentation are dropped with no notification. This creates 'black holes' where small packets work but large ones fail. Always permit ICMP Type 3 (Destination Unreachable), especially Code 4 (Fragmentation Needed).
Jumbo frames are Ethernet frames with payloads larger than the standard 1500-byte MTU, typically up to 9000 bytes. They are not standardized by IEEE but are widely supported by enterprise and data center equipment.
Common Jumbo Frame Sizes:
| MTU Size | Frame Size | Common Name | Usage |
|---|---|---|---|
| 1500 | 1518 | Standard | Universal default |
| 1504 | 1522 | Baby giant | VLAN tagged frames |
| 4470 | 4488 | Mini jumbo | Some WAN equipment |
| 9000 | 9018 | Standard jumbo | Data centers, SANs |
| 9216 | 9234 | Maximum jumbo | Some equipment limit |
Benefits of Jumbo Frames:
Use Cases for Jumbo Frames:
Storage Area Networks (iSCSI, NFS) — Large block transfers benefit significantly from reduced overhead.
Data Center Interconnects — East-west traffic between servers often involves bulk data movement.
High-Performance Computing (HPC) — MPI workloads and parallel file systems transfer large data volumes.
Backup and Replication — Nightly backup traffic involves large sequential transfers.
Video Production/Streaming — High-bitrate video benefits from fewer packets per second.
Testing Jumbo Frame Configuration:
# Linux - ping with specific packet size (add 28 for ICMP/IP headers)
ping -M do -s 8972 target-host # Tests 9000 MTU
# If successful: jumbo frames work end-to-end
# If 'Message too long': MTU too small somewhere in path
The term 'baby giant' refers to frames slightly larger than 1518 bytes, typically 1522 bytes for single VLAN tag or 1526 bytes for Q-in-Q. Many switches default to allowing baby giants to transparently handle VLAN tagging without requiring jumbo frame configuration.
The 1500-byte MTU is the maximum Ethernet payload, but encapsulated protocols consume part of this space for their own headers. Understanding overhead is critical for sizing application payloads correctly.
Common Protocol Header Sizes:
| Protocol | Header Size | Notes |
|---|---|---|
| IPv4 | 20-60 bytes | 20 minimum, 60 with options |
| IPv6 | 40 bytes | Fixed header (excludes extension headers) |
| TCP | 20-60 bytes | 20 minimum, 60 with options |
| UDP | 8 bytes | Fixed header |
| ICMP | 8+ bytes | Variable payload |
| GRE | 4-16 bytes | Depends on options/keying |
| VXLAN | 8 bytes | Plus outer UDP/IP headers |
| IPsec ESP | 18-37 bytes | Depends on algorithm and mode |
Calculating Effective Payload:
Example: TCP over IPv4
Ethernet MTU: 1500 bytes
IPv4 header (min): - 20 bytes
TCP header (min): - 20 bytes
─────────────────────────────────
Maximum TCP payload: 1460 bytes (MSS - Maximum Segment Size)
Example: TCP over IPv4 with VXLAN encapsulation
Ethernet MTU: 1500 bytes
VXLAN outer IP: - 20 bytes
VXLAN outer UDP: - 8 bytes
VXLAN header: - 8 bytes
Inner Ethernet: - 14 bytes
Inner IPv4: - 20 bytes
Inner TCP: - 20 bytes
──────────────────────────────────
Maximum TCP payload: 1410 bytes
This 50-byte reduction in effective payload demonstrates why overlay networks often require jumbo frames to maintain standard 1500-byte inner MTU.
| Scenario | Inner MTU | Overhead | TCP MSS |
|---|---|---|---|
| Standard IPv4 | 1500 | 40 | 1460 |
| Standard IPv6 | 1500 | 60 | 1440 |
| IPv4 + VLAN | 1500 | 40 | 1460 |
| VXLAN (standard MTU) | 1500 | 90 | 1410 |
| VXLAN (jumbo MTU) | 9000 | 90 | 8910 |
| GRE tunnel | 1500 | 44 | 1456 |
| IPsec tunnel (AES-GCM) | 1500 | ~65 | ~1395 |
| PPPoE | 1492 | 48 | 1452 |
PPPoE (common with DSL) has an 8-byte header, reducing effective MTU from 1500 to 1492. This causes frequent fragmentation issues when remote sites try to send 1500-byte packets. Many enterprises configure 'MSS clamping' on PPPoE interfaces to advertise lower MSS and avoid fragmentation.
Different Ethernet frame variants have slightly different payload capacities based on header requirements.
Ethernet II (DIX)
The simplest and most common format:
IEEE 802.3 with LLC/SNAP
Adds 8 bytes of LLC/SNAP header inside the payload:
802.1Q VLAN Tagged
Adds 4-byte VLAN tag:
| Frame Type | Ethernet Header | Additional Overhead | Max Payload | Max Frame |
|---|---|---|---|---|
| Ethernet II | 14 bytes | None | 1500 bytes | 1518 bytes |
| IEEE 802.3 + LLC | 14 bytes | 3 bytes LLC | 1497 bytes | 1518 bytes |
| IEEE 802.3 + LLC/SNAP | 14 bytes | 8 bytes LLC/SNAP | 1492 bytes | 1518 bytes |
| Ethernet II + 802.1Q | 18 bytes | None | 1500 bytes | 1522 bytes |
| Ethernet II + Q-in-Q | 22 bytes | None | 1500 bytes | 1526 bytes |
| Jumbo (9000 MTU) | 14 bytes | None | 9000 bytes | 9018 bytes |
WiFi Frame Encapsulation
Wireless frames (802.11) have different header structures and additional addressing fields for wireless operation. When WiFi traffic is bridged to Ethernet:
Special Payload Types
Some Ethernet frames carry non-data payloads:
| Frame Type | Payload Content | Size |
|---|---|---|
| Pause frame (802.3x) | Pause opcode + timer | 42-46 bytes (padded) |
| LACP (802.3ad) | Link aggregation PDU | 90 bytes |
| LLDP | Device discovery info | Variable (usually small) |
| STP BPDU | Spanning tree info | 35-35+ bytes |
These control frames typically use minimum-size payloads with padding.
Some specialized equipment supports 'super jumbo' frames with MTU up to 16,000 bytes or more. These are extremely rare and used only in controlled environments like storage array interconnects. They offer incremental efficiency gains over standard jumbo frames but require careful end-to-end configuration.
The payload is the purpose of every Ethernet frame—delivering upper-layer data between nodes on the same network segment. Understanding payload constraints enables proper network design and troubleshooting.
What's Next
With the payload delivered, the receiver must verify that the frame arrived intact. The next page examines the Frame Check Sequence (FCS)—the 32-bit CRC that provides error detection for the entire MAC frame, ensuring data integrity across the physical medium.
You now understand the Ethernet payload field's size constraints, padding requirements, MTU concepts, jumbo frames, and encapsulation overhead. This knowledge is essential for network design, MTU optimization, and troubleshooting throughput and fragmentation issues.