diff --git a/docs/calico.md b/docs/calico.md
index 3858ad6ea1cda301e8a84e49ec2b31f39172104d..4edfd75906e8b7fdfc84d9ab72dda2493d0bc6b2 100644
--- a/docs/calico.md
+++ b/docs/calico.md
@@ -219,6 +219,19 @@ calico_vxlan_mode: 'Never'
 
 If you use VXLAN mode, BGP networking is not required. You can disable BGP to reduce the moving parts in your cluster by `calico_network_backend: vxlan`
 
+## Configuring interface MTU
+
+This is an advanced topic and should usually not be modified unless you know exactly what you are doing. Calico is smart enough to deal with the defaults and calculate the proper MTU. If you do need to set up a custom MTU you can change `calico_veth_mtu` as follows:
+
+* If Wireguard is enabled, subtract 60 from your network MTU (i.e. 1500-60=1440)
+* If using VXLAN or BPF mode is enabled, subtract 50 from your network MTU (i.e. 1500-50=1450)
+* If using IPIP, subtract 20 from your network MTU (i.e. 1500-20=1480)
+* if not using any encapsulation, set to your network MTU (i.e. 1500 or 9000)
+
+```yaml
+calico_veth_mtu: 1440
+```
+
 ## Cloud providers configuration
 
 Please refer to the official documentation, for example [GCE configuration](http://docs.projectcalico.org/v1.5/getting-started/docker/installation/gce) requires a security rule for calico ip-ip tunnels. Note, calico is always configured with ``calico_ipip_mode: Always`` if the cloud provider was defined.
diff --git a/inventory/sample/group_vars/k8s_cluster/k8s-net-calico.yml b/inventory/sample/group_vars/k8s_cluster/k8s-net-calico.yml
index 86a11bf1adf413b1a88f2f6f1648421e11836ab9..a290d67c072cf86d1c66188416d806bccdc3fb97 100644
--- a/inventory/sample/group_vars/k8s_cluster/k8s-net-calico.yml
+++ b/inventory/sample/group_vars/k8s_cluster/k8s-net-calico.yml
@@ -36,10 +36,10 @@
 # calico_mtu: 1500
 
 # Configure the MTU to use for workload interfaces and tunnels.
-# - If Wireguard is enabled, set to your network MTU - 60
-# - Otherwise, if VXLAN or BPF mode is enabled, set to your network MTU - 50
-# - Otherwise, if IPIP is enabled, set to your network MTU - 20
-# - Otherwise, if not using any encapsulation, set to your network MTU.
+# - If Wireguard is enabled, subtract 60 from your network MTU (i.e 1500-60=1440)
+# - Otherwise, if VXLAN or BPF mode is enabled, subtract 50 from your network MTU (i.e. 1500-50=1450)
+# - Otherwise, if IPIP is enabled, subtract 20 from your network MTU (i.e. 1500-20=1480)
+# - Otherwise, if not using any encapsulation, set to your network MTU (i.e. 1500)
 # calico_veth_mtu: 1440
 
 # Advertise Cluster IPs