diff --git a/examples/client/client.c b/examples/client/client.c
index 2b4b27052..ef878e6a4 100644
--- a/examples/client/client.c
+++ b/examples/client/client.c
@@ -858,7 +858,7 @@ static void Usage(void)
     printf("-S <str>    Use Host Name Indication\n");
 #endif
 #ifdef HAVE_MAX_FRAGMENT
-    printf("-F <num>    Use Maximum Fragment Length [0-5]\n");
+    printf("-F <num>    Use Maximum Fragment Length [0-6]\n");
 #endif
 #ifdef HAVE_TRUNCATED_HMAC
     printf("-T          Use Truncated HMAC\n");
diff --git a/tests/include.am b/tests/include.am
index 9c7aa09ca..2b6baf558 100644
--- a/tests/include.am
+++ b/tests/include.am
@@ -32,5 +32,7 @@ EXTRA_DIST += tests/test.conf \
               tests/test-sig.conf \
               tests/test-ed25519.conf \
               tests/test-enckeys.conf \
+              tests/test-maxfrag.conf \
+              tests/test-maxfrag-dtls.conf \
               tests/test-fails.conf
 DISTCLEANFILES+= tests/.libs/unit.test
diff --git a/tests/suites.c b/tests/suites.c
index cc12d5d24..e4dd93a0d 100644
--- a/tests/suites.c
+++ b/tests/suites.c
@@ -783,6 +783,29 @@ int SuiteTest(void)
     }
 #endif
 
+#ifdef HAVE_MAX_FRAGMENT
+    /* Max fragment cipher suite tests */
+    strcpy(argv0[1], "tests/test-maxfrag.conf");
+    printf("starting max fragment cipher suite tests\n");
+    test_harness(&args);
+    if (args.return_code != 0) {
+        printf("error from script %d\n", args.return_code);
+        args.return_code = EXIT_FAILURE;
+        goto exit;
+    }
+
+    #ifdef WOLFSSL_DTLS
+    strcpy(argv0[1], "tests/test-maxfrag-dtls.conf");
+    printf("starting dtls max fragment cipher suite tests\n");
+    test_harness(&args);
+    if (args.return_code != 0) {
+        printf("error from script %d\n", args.return_code);
+        args.return_code = EXIT_FAILURE;
+        goto exit;
+    }
+    #endif
+#endif
+
     /* failure tests */
     args.argc = 3;
     strcpy(argv0[1], "tests/test-fails.conf");
diff --git a/tests/test-maxfrag-dtls.conf b/tests/test-maxfrag-dtls.conf
new file mode 100644
index 000000000..67aef1776
--- /dev/null
+++ b/tests/test-maxfrag-dtls.conf
@@ -0,0 +1,215 @@
+# server DTLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
+-u
+-v 3
+-l ECDHE-ECDSA-AES256-GCM-SHA384
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client DTLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
+-u
+-v 3
+-l ECDHE-ECDSA-AES256-GCM-SHA384
+-A ./certs/ca-ecc-cert.pem
+-F 1
+
+# server DTLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
+-u
+-v 3
+-l ECDHE-RSA-AES256-GCM-SHA384
+
+# client DTLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
+-u
+-v 3
+-l ECDHE-RSA-AES256-GCM-SHA384
+-F 1
+
+# server DTLSv1.2 DHE-RSA-AES256-GCM-SHA384
+-u
+-v 3
+-l DHE-RSA-AES256-GCM-SHA384
+
+# client DTLSv1.2 DHE-RSA-AES256-GCM-SHA384
+-u
+-v 3
+-l DHE-RSA-AES256-GCM-SHA384
+-F 1
+
+# server DTLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
+-u
+-v 3
+-l ECDHE-ECDSA-AES256-GCM-SHA384
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client DTLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
+-u
+-v 3
+-l ECDHE-ECDSA-AES256-GCM-SHA384
+-A ./certs/ca-ecc-cert.pem
+-F 2
+
+# server DTLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
+-u
+-v 3
+-l ECDHE-RSA-AES256-GCM-SHA384
+
+# client DTLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
+-u
+-v 3
+-l ECDHE-RSA-AES256-GCM-SHA384
+-F 2
+
+# server DTLSv1.2 DHE-RSA-AES256-GCM-SHA384
+-u
+-v 3
+-l DHE-RSA-AES256-GCM-SHA384
+
+# client DTLSv1.2 DHE-RSA-AES256-GCM-SHA384
+-u
+-v 3
+-l DHE-RSA-AES256-GCM-SHA384
+-F 2
+
+# server DTLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
+-u
+-v 3
+-l ECDHE-ECDSA-AES256-GCM-SHA384
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client DTLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
+-u
+-v 3
+-l ECDHE-ECDSA-AES256-GCM-SHA384
+-A ./certs/ca-ecc-cert.pem
+-F 3
+
+# server DTLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
+-u
+-v 3
+-l ECDHE-RSA-AES256-GCM-SHA384
+
+# client DTLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
+-u
+-v 3
+-l ECDHE-RSA-AES256-GCM-SHA384
+-F 3
+
+# server DTLSv1.2 DHE-RSA-AES256-GCM-SHA384
+-u
+-v 3
+-l DHE-RSA-AES256-GCM-SHA384
+
+# client DTLSv1.2 DHE-RSA-AES256-GCM-SHA384
+-u
+-v 3
+-l DHE-RSA-AES256-GCM-SHA384
+-F 3
+
+# server DTLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
+-u
+-v 3
+-l ECDHE-ECDSA-AES256-GCM-SHA384
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client DTLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
+-u
+-v 3
+-l ECDHE-ECDSA-AES256-GCM-SHA384
+-A ./certs/ca-ecc-cert.pem
+-F 4
+
+# server DTLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
+-u
+-v 3
+-l ECDHE-RSA-AES256-GCM-SHA384
+
+# client DTLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
+-u
+-v 3
+-l ECDHE-RSA-AES256-GCM-SHA384
+-F 4
+
+# server DTLSv1.2 DHE-RSA-AES256-GCM-SHA384
+-u
+-v 3
+-l DHE-RSA-AES256-GCM-SHA384
+
+# client DTLSv1.2 DHE-RSA-AES256-GCM-SHA384
+-u
+-v 3
+-l DHE-RSA-AES256-GCM-SHA384
+-F 4
+
+# server DTLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
+-u
+-v 3
+-l ECDHE-ECDSA-AES256-GCM-SHA384
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client DTLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
+-u
+-v 3
+-l ECDHE-ECDSA-AES256-GCM-SHA384
+-A ./certs/ca-ecc-cert.pem
+-F 5
+
+# server DTLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
+-u
+-v 3
+-l ECDHE-RSA-AES256-GCM-SHA384
+
+# client DTLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
+-u
+-v 3
+-l ECDHE-RSA-AES256-GCM-SHA384
+-F 5
+
+# server DTLSv1.2 DHE-RSA-AES256-GCM-SHA384
+-u
+-v 3
+-l DHE-RSA-AES256-GCM-SHA384
+
+# client DTLSv1.2 DHE-RSA-AES256-GCM-SHA384
+-u
+-v 3
+-l DHE-RSA-AES256-GCM-SHA384
+-F 5
+
+# server DTLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
+-u
+-v 3
+-l ECDHE-ECDSA-AES256-GCM-SHA384
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client DTLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
+-u
+-v 3
+-l ECDHE-ECDSA-AES256-GCM-SHA384
+-A ./certs/ca-ecc-cert.pem
+-F 6
+
+# server DTLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
+-u
+-v 3
+-l ECDHE-RSA-AES256-GCM-SHA384
+
+# client DTLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
+-u
+-v 3
+-l ECDHE-RSA-AES256-GCM-SHA384
+-F 6
+
+# server DTLSv1.2 DHE-RSA-AES256-GCM-SHA384
+-u
+-v 3
+-l DHE-RSA-AES256-GCM-SHA384
+
+# client DTLSv1.2 DHE-RSA-AES256-GCM-SHA384
+-u
+-v 3
+-l DHE-RSA-AES256-GCM-SHA384
+-F 6
diff --git a/tests/test-maxfrag.conf b/tests/test-maxfrag.conf
new file mode 100644
index 000000000..2ca6cc8dd
--- /dev/null
+++ b/tests/test-maxfrag.conf
@@ -0,0 +1,179 @@
+# server TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
+-v 3
+-l ECDHE-ECDSA-AES256-GCM-SHA384
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
+-v 3
+-l ECDHE-ECDSA-AES256-GCM-SHA384
+-A ./certs/ca-ecc-cert.pem
+-F 1
+
+# server TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
+-v 3
+-l ECDHE-RSA-AES256-GCM-SHA384
+
+# client TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
+-v 3
+-l ECDHE-RSA-AES256-GCM-SHA384
+-F 1
+
+# server TLSv1.2 DHE-RSA-AES256-GCM-SHA384
+-v 3
+-l DHE-RSA-AES256-GCM-SHA384
+
+# client TLSv1.2 DHE-RSA-AES256-GCM-SHA384
+-v 3
+-l DHE-RSA-AES256-GCM-SHA384
+-F 1
+
+# server TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
+-v 3
+-l ECDHE-ECDSA-AES256-GCM-SHA384
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
+-v 3
+-l ECDHE-ECDSA-AES256-GCM-SHA384
+-A ./certs/ca-ecc-cert.pem
+-F 2
+
+# server TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
+-v 3
+-l ECDHE-RSA-AES256-GCM-SHA384
+
+# client TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
+-v 3
+-l ECDHE-RSA-AES256-GCM-SHA384
+-F 2
+
+# server TLSv1.2 DHE-RSA-AES256-GCM-SHA384
+-v 3
+-l DHE-RSA-AES256-GCM-SHA384
+
+# client TLSv1.2 DHE-RSA-AES256-GCM-SHA384
+-v 3
+-l DHE-RSA-AES256-GCM-SHA384
+-F 2
+
+# server TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
+-v 3
+-l ECDHE-ECDSA-AES256-GCM-SHA384
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
+-v 3
+-l ECDHE-ECDSA-AES256-GCM-SHA384
+-A ./certs/ca-ecc-cert.pem
+-F 3
+
+# server TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
+-v 3
+-l ECDHE-RSA-AES256-GCM-SHA384
+
+# client TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
+-v 3
+-l ECDHE-RSA-AES256-GCM-SHA384
+-F 3
+
+# server TLSv1.2 DHE-RSA-AES256-GCM-SHA384
+-v 3
+-l DHE-RSA-AES256-GCM-SHA384
+
+# client TLSv1.2 DHE-RSA-AES256-GCM-SHA384
+-v 3
+-l DHE-RSA-AES256-GCM-SHA384
+-F 3
+
+# server TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
+-v 3
+-l ECDHE-ECDSA-AES256-GCM-SHA384
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
+-v 3
+-l ECDHE-ECDSA-AES256-GCM-SHA384
+-A ./certs/ca-ecc-cert.pem
+-F 4
+
+# server TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
+-v 3
+-l ECDHE-RSA-AES256-GCM-SHA384
+
+# client TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
+-v 3
+-l ECDHE-RSA-AES256-GCM-SHA384
+-F 4
+
+# server TLSv1.2 DHE-RSA-AES256-GCM-SHA384
+-v 3
+-l DHE-RSA-AES256-GCM-SHA384
+
+# client TLSv1.2 DHE-RSA-AES256-GCM-SHA384
+-v 3
+-l DHE-RSA-AES256-GCM-SHA384
+-F 4
+
+# server TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
+-v 3
+-l ECDHE-ECDSA-AES256-GCM-SHA384
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
+-v 3
+-l ECDHE-ECDSA-AES256-GCM-SHA384
+-A ./certs/ca-ecc-cert.pem
+-F 5
+
+# server TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
+-v 3
+-l ECDHE-RSA-AES256-GCM-SHA384
+
+# client TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
+-v 3
+-l ECDHE-RSA-AES256-GCM-SHA384
+-F 5
+
+# server TLSv1.2 DHE-RSA-AES256-GCM-SHA384
+-v 3
+-l DHE-RSA-AES256-GCM-SHA384
+
+# client TLSv1.2 DHE-RSA-AES256-GCM-SHA384
+-v 3
+-l DHE-RSA-AES256-GCM-SHA384
+-F 5
+
+# server TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
+-v 3
+-l ECDHE-ECDSA-AES256-GCM-SHA384
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
+-v 3
+-l ECDHE-ECDSA-AES256-GCM-SHA384
+-A ./certs/ca-ecc-cert.pem
+-F 6
+
+# server TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
+-v 3
+-l ECDHE-RSA-AES256-GCM-SHA384
+
+# client TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
+-v 3
+-l ECDHE-RSA-AES256-GCM-SHA384
+-F 6
+
+# server TLSv1.2 DHE-RSA-AES256-GCM-SHA384
+-v 3
+-l DHE-RSA-AES256-GCM-SHA384
+
+# client TLSv1.2 DHE-RSA-AES256-GCM-SHA384
+-v 3
+-l DHE-RSA-AES256-GCM-SHA384
+-F 6