02-09-2005 01:20 PM
Is there a way to turn on tcp fragmentation? If not, is it possible to enable tcp-mss limits for a content rule on any layer 5 option other than url "/*"?
We are trying to LB RDP connections on port 3389 over VPN and find that we are forced to lower the MTU on each workstation to make the connections. The documentation says tcp-mss only works on layer 5 rules but the only option I can find for layer 5 pertains to http.
Any tips?
Carl King
02-09-2005 02:44 PM
Carl,
The command you are looking for is in global configuration mode:
CSS11506(config)# flow tcp-mss ?
CSS11506(config)#
This will only be applicable to L5 content rules.
Do RDP connections work through the CSS without a VPN involved?
~Zach
02-10-2005 05:55 AM
Yes, RDP connections work outside of the VPN. The issue is documented with workarounds suggesting client IP stack modifications. The tcp-mss will take care of the problem globally, but it seems to only work on layer 5 rules. If I set up tcp-mss, it won't do any good without a layer 5 option, and the url argument only applies to http connections.
http://www.cisco.com/warp/public/105/38.pdf
Carl
02-10-2005 03:02 AM
Carl,
CSS11503(config)# tcp-ip-fragment ?
enabled Enable flow TCP IP fragment support
Gilles.
02-10-2005 06:25 AM
Gilles,
I think Carl is asking if there is a way to have the CSS negotiate/set a lower tcp mss for non-L5 flows.
Carl,
I do not think this is possible.
~Zach
02-10-2005 07:20 AM
Yes.
Or is there a way to LB RDP at layer 5?
Carl
02-10-2005 08:48 AM
The initial question was 'how to enable tcp fragment?'
I thought you wanted the CSS to handle fragments or use TCP mss to avoid fragment.
Could you describe the problem clearly so we can find the appropriate solution?
Currently you are just asking us how to do what you think is the solution.
Is RDP going through a tunnel and being fragmented?
Or is it dropped?
If you use an L3 or L4 rule, can't you simply change the TCP MSS on the server?
I would think the server MSS is passed by the CSS to the client.
Unless using L5 rules, in which case the CSS completes the TCP 3-way handshake on behalf of the server, so a TCP-MSS option is required to set the TCP MSS for the CSS.
Did you try changing the server?
Regards,
Gilles.