Why is MTU forced to 1500 by CIS and how to correct?

I am trying to use Jumbo Frames but have been frustrated. After many weeks of searching and testing, I have discovered that the problem is Comodo CIS which is restricting the MTU to 1500 no matter what I set my NIC to in Device Manager-Advanced-Jumbo Frames-MTU. Why is CIS doing this and more importantly what do I have to do to stop it so I can use jumbo frames? Thanks and enjoy, John.

CIS 6.3.294583.2937, W7 x64

A question out of curiosity. How did you find out it was CIS causing this? Does the problem only go away when you uninstall CIS or disable the Firewall driver?

We may be looking at a bug.

Is “Block Fragmented IP traffic” enabled or disabled in the firewall settings? If it’s enabled what happens if you disable it?

I don’t know if this would be the thing causing this issue but it’s the only thing I could see that mentions anything about MTU in the online help files.

Thanks, EricJH.

We may be looking at a bug.
It may be intentional but I think it is a bug. I was hoping there was a setting to stop the behavior but could find none.

I found this via Google. This is nothing new - quite old. I originally blamed either my HW (DT and/or LT, both with Broadcom NICs) or the W7 I had installed. I use an unattended install process this is essentially the same on both machines. So, I installed a plain W7 on my LT and I could send out large packets (ping with Jumbo Frame). Then I started installing the tweaks, applications and Registry changes that I had on my original systems - no problems.

I then installed CIS (latest) and when I changed my MTU via Device Manager-Advanced-Jumbo Frames-MTU the change was not reflected in “netsh int ip show subinterfaces”. I removed CIS and all OK-reinstalled CIS and bad again-then removed only the FW and is good again.

Thanks also, SanyaIV. I agree with you that MTU seems to only be mentioned with respect to “Block Fragmented IP traffic”. It is off by default and I have not changed it.

I should point out that I have not passed Jumbo Frames between my systems yet and am still doing some testing. I do not like the idea off turning off the CIS FW on my DT (my main system).
Thanks to both and enjoy, John.

I made a paragraph for an easier read (back). Eric

The problem only happens when you switch off the firewall. On a sidenote; why would you want it disabled? is there a reason for?

Thanks, EricJH , but you read me in reverse. Jumbo Frames only WORK when I remove the FW. When the CIS FW is installed the MTU is forced to 1500 bytes no matter to what I set it (e.g. 9000 bytes). This morning I removed the FW from both my DT and LT and did several transfers between them using 9000 byte MTU. I confirmed this with Wireshark. Enjoy, John.

Your findings remind me of the following two topics by the same name:
Comodo Firewall is Causing Dropped Packets when DISABLED
Comodo Firewall is Causing Dropped Packets when DISABLED

One is a help request and the other one a bug report.

How does your problem compare?

Thanks, EricJH. My problem occurs with the FW installed and enabled and I have detected no packet loss, so they are quite different. I found both of those posts during my investigation after I found CIS FW was causing my problem. Disabling the FW or exiting CIS does not fix my problem - still can’t use Jumbo Frames. I pointed to a basically identical problem to mine in my second post - here. It is this problem that really bothers me. The CIS version is 3.10.102363.531, meaning it is very old. Why is it not corrected? Why is it not at least responded to or even explained? I am suspecting that interfering with the MTU is in CIS design. I think the developers need to be asked if this is by design. It is unacceptable, as far as I am concerned, but may serve some purpose. Killing Jumbo Frames for all users of CIS sounds bad to me. I do not like running with the CIS FW turned off, so I don’t and I don’t use Jumbo Frames as a consequence. Do other FWs do the same? - doubt it. Thanks and enjoy, John.

EDIT: Bug report here.