
Configuring and Verifying MSS on Cisco ACE


 

Introduction

The TCP Maximum Segment Size (MSS) defines the maximum amount of data that a host is willing to accept in a single TCP/IP datagram. The MSS value is sent as a TCP header option only in TCP SYN segments. Each side of a TCP connection reports its MSS value to the other side. To help avoid IP fragmentation at the endpoints of the TCP connection, the selection of the MSS value was changed to the minimum buffer size and the MTU of the outgoing interface. MSS is based on default header sizes; the sender stack must subtract the appropriate values for the IP header and the TCP header depending on what TCP or IP options are being used. Incorrect MSS sizes can result in IP fragmentation.

 

IP Fragmentation


The design of IP accommodates MTU differences by allowing routers to fragment IP datagrams as necessary. The receiving station is responsible for reassembling the fragments back into the original full size IP datagram. IP fragmentation involves breaking a datagram into a number of pieces that can be reassembled later. The IP source, destination, identification, total length, and fragment offset fields, along with the "more fragments" and "don't fragment" flags in the IP header, are used for IP fragmentation and reassembly.

 

Configuring MSS

The maximum segment size (MSS) is the largest amount of TCP data that the ACE accepts in one segment. To prevent the transmission of many smaller segments that waste bandwidth or very large segments that may require fragmentation, you can set the minimum and maximum acceptable sizes of the MSS. To set the MSS, use the set tcp mss command in parameter map connection configuration mode. The syntax of this command is as follows: 
 
set tcp mss min number1 max number2 
 
The options and arguments are as follows: 
 
min number1—Specifies the smallest segment size that the ACE will accept. Enter an integer from 0 to 65535 bytes. The default is 536 bytes.
max number2—Specifies the largest segment size that the ACE will accept. Enter an integer from 0 to 65535 bytes. The default is 1380 bytes.

Both the host and the server can set the MSS when they first establish a connection. If either maximum exceeds the value that you set with the set tcp mss max command, the ACE overrides the maximum value and inserts the value that you set. If either maximum is less than the value that you set with the set tcp mss min command, the ACE overrides the maximum and inserts the minimum value that you set.
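
The override rule described above, sketched in Python as an added example (not Cisco code and not part of the original article): it locates the MSS option (kind 2, length 4) in a SYN's TCP options and rewrites the advertised value into the configured range, using the default min 536 and max 1380. The sample SYN is constructed and the function names are illustrative; recomputing the TCP checksum after the rewrite is not shown.

```python
import struct

# Defaults stated above for "set tcp mss": min 536, max 1380.
MSS_MIN, MSS_MAX = 536, 1380
TCP_OPT_EOL, TCP_OPT_NOP, TCP_OPT_MSS = 0, 1, 2

def find_mss(tcp_header: bytes):
    """Return (offset, mss) of the MSS option in a TCP header, or None."""
    if len(tcp_header) < 20:
        raise ValueError("truncated TCP header")
    data_offset = (tcp_header[12] >> 4) * 4      # header length in bytes
    if data_offset < 20 or data_offset > len(tcp_header):
        raise ValueError("bad data offset")
    i = 20
    while i < data_offset:
        kind = tcp_header[i]
        if kind == TCP_OPT_EOL:                  # end of option list
            break
        if kind == TCP_OPT_NOP:                  # single-byte padding
            i += 1
            continue
        if i + 1 >= data_offset:
            raise ValueError("option missing length byte")
        length = tcp_header[i + 1]
        if length < 2 or i + length > data_offset:
            raise ValueError("malformed option length")
        if kind == TCP_OPT_MSS:
            if length != 4:
                raise ValueError("MSS option must be 4 bytes")
            return i, struct.unpack_from("!H", tcp_header, i + 2)[0]
        i += length
    return None

def clamp_syn_mss(tcp_header: bytes, lo=MSS_MIN, hi=MSS_MAX):
    """Rewrite the advertised MSS into [lo, hi]; return (header, old, new)."""
    found = find_mss(tcp_header)
    if found is None:
        return tcp_header, None, None
    offset, old = found
    new = max(lo, min(old, hi))                  # above max -> max, below min -> min
    out = bytearray(tcp_header)
    struct.pack_into("!H", out, offset + 2, new)
    return bytes(out), old, new                  # checksum left untouched here

def build_syn(mss: int) -> bytes:
    """Constructed sample: SYN 21910 -> 2000 with MSS, SACK-permitted, NOP, NOP."""
    fixed = struct.pack("!HHIIBBHHH", 21910, 2000, 1, 0, 7 << 4, 0x02, 65535, 0, 0)
    return fixed + struct.pack("!BBH", 2, 4, mss) + bytes([4, 2, 1, 1])
```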

You can configure the ACE behavior for a segment that exceeds the configured maximum segment size (MSS) by using the exceed-mss command in connection parameter map configuration mode. The syntax of this command is as follows: 
 
exceed-mss {allow | drop} 


Verifying MSS

For a particular connection, you can use the following command:

show np X me-stats "-c <conn-id> -vvv"

where the NP number and connection details can be obtained from the "show connection" output.

ACE30-1/Admin# sh np 1 me-stats  "-c 633710 -vvv"
Connection ID:seq: 633710[0x9ab6e].2
  Other ConnID    : 643599[0x9d20f].2
  Proxy ConnID    : 0[0x0].0
  Next Q    : 0[0x0]

20.20.20.1:21910 -> 20.20.20.2:2000 [RX-NextHop: TX] [TX-NextHop: CP]
  Flags:  PAT: No  DynNAT: No  Implicit PAT: No On_Reuse: No
  L3 Protocol     : IPv4                L4 Protocol    : 6
  Inbound Flag    : 1
  Interface Match : Yes
    Interface MatchID: 8
  EncapsID:ver    : 1:0         TCP ACK delta  : 0x0
  MSS             : 1460                TOS Stamp       : 224
  Repeat mode     : No          Punt Flag      : No

 

Related Information

Cisco ACE 4700 Series Application Control Engine Appliance 
Resolve IP Fragmentation, MTU, MSS, and PMTUD Issues 
MSS value on ACE SM
