04-13-2023 09:56 AM
Hi all,
What is the use case for Path mtu discovery and mss adjust. Do they do the same thing?
When would one need to enable DF bit in ipv4 to avoid fragmentation?
I have never had to do this before, is this something that happens automatically behind-the -scenes?
04-13-2023 10:47 AM
What is the use case for Path mtu discovery and mss adjust. Do they do the same thing? Path MTU check the allow MTU along path between two router
mss adjust work in TCP handshake to prevent make client or server use MSS higher than specific value
I have never had to do this before, is this something that happens automatically behind-the -scenes? Yes path MTU and MSS recommend to config in tunnel
for more info.
Resolve IPv4 Fragmentation, MTU, MSS, and PMTUD Issues with GRE and IPsec - Cisco
04-13-2023 05:02 PM
"What is the use case for Path mtu discovery and mss adjust."
Just what their names imply. Sorry, sort of a circular answer, but if you don't understand PMTUD and/or MSS sizing, probably best to search the Internet for explanatory material, as cannot easily explain use cases in a sentence, or even a paragraph, or two.
"Do they do the same thing?"
No.
"When would one need to enable DF bit in ipv4 to avoid fragmentation?"
"need"? Why when one wants to avoid fragmentation. I.e. you don't "need" to avoid fragmentation, but lots of reasons why you want to. Sorry, again, a subject that you should searched for additional material.
"I have never had to do this before, is this something that happens automatically behind-the -scenes?"
Laugh, didn't I just question "need". I.e. since there's no "need" you never "needed" to do anything.
Anyway, things (usually) "work" without getting mucking with PMTUD or Cisco's "TCP adjust-mss", but things often work much better when one or both are (correctly) used.
From your questions, I'm assuming that much of the forgoing TechNote might be difficult for you to understand, for lack of knowledge. (BTW, nothing wrong in lacking knowledge, we all start with a blank slate!) Again, so much may be needed to be understood, you may need to find primer material.
The TechNote @MHM Cisco World recommended is excellent, but if most of the subject material is unfamiliar to you, the TechNote might confuse more than help.
04-13-2023 05:08 PM
His Q about df bit
1- if host send traffic with df set then as I think it depend on app
2- if router send traffic with df set ' I see such case in ipsec and PKI certificate.
Where fragment can make some issue in auth.
But that not only cases' sure there are more other
Thanks
MHM
04-13-2023 05:24 PM
"1- if host send traffic with df set then as I think it depend on app"
I believe apps can override system defaults (which might also be changed). Usually, DF is off, but if the system has a default for PMTUD, TCP packets than are set with DF, but not other traffic types. Reason being, TCP recovers from a DF dropped packets, other traffic kinds might not.
"2- if router send traffic with df set ' I see such case in ipsec and PKI certificate."
Certainly possible, although such "breaks" the IP model, i.e. it shouldn't matter. (Just as asymmetric routing often "breaks" stateful devices, but from a pure IP standpoint, that shouldn't matter either.)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide