cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
555
Views
0
Helpful
2
Replies

tcp-adjust-mss

jschweng
Level 1
Level 1

We have a ciso 2800 router with a vpn over a WAN to a Checkpoint firewall

The WAN is 300M and has a 30ms delay

The vpn was moved over there from a WAN with on ly 2M BW but less delay.

But now the performance is worse.

ive read some about teh use of tcp-adjust-mss 1300 on the ciso router side fo the vpn and

was wondering if htat would help and what would be the potential impacts.

Am I correct in that teh data with the L3 packet will be adjusted to what is set at, and so then the over all  L2 packet will be kept under 1500 bytes.

so no fragementation after the sec header applied?

just trying to find out why our vpn is so slow not but with much more Bandwidth?

any help is appreciated

thanks

2 Replies 2

Kelvin Willacey
Level 4
Level 4

Have you checked to see if you are getting the required bandwidth by using jperf and if there are any issues with the link such as drops? I have typically had issues with VPN that required adjusting the mss but I can't recall it ever being because of speed, typically certain applications would not work, and once adjusted everything works great.

You can follow the link below for more information on adjusting the mss

http://www.cisco.com/en/US/tech/tk827/tk369/technologies_white_paper09186a00800d6979.shtml

we have run ssc file transfers outside the tunnel and gotten 85mb/s and that;s with a 100M link at the source.

if I adjust hte mss sizedown at the vpn endpiont on one side to 1460 or less will that that stop any packet fragmentatoin on the vvpn

and will that be sent back to the hosts somehow

Review Cisco Networking for a $25 gift card