Hello.

Right, I completely forgot about this. Once I enable PMTUD by using the ip tcp path-mtu-discovery command, the Cisco router uses an MSS of 1460 (since 1500 is configured on its interface) now instead of 536 so that solves the problem, thanks guys.

Thanks for you feedback !

Yup.

Another configuration command, that can improve some data reception on Cisco devices is increase TCP RWIN to, at least, 64k.

BTW, although many readers may know I've a keen interest in QoS, my real underlying interest has always been performance, because IMO, "computer systems should wait on people, people should not wait on computer systems".

Hmm, haven't tried adjusting MSS to 1400.  Have enabled PMTUD which will start with interface MTU and reduce if notified.

Possible issue with just bumping MSS (besides the obvious it may be too large end-to-end), might still retain 576 for remote networks, using IP fragmentation to contain the larger MSS.  Have you confirmed what's actually transmitted?

I was asking about why do Cisco IOS devices set the MSS to 536 for remote connections and what was the reason behind it which Joseph.W. Doherty answered, that's why I haven't picked your answer as the solution. I know how to configure the MSS and also how the adjustment works,

As you like 
MHM

BTW, the tcp adjust-mss command (I wondered if that's what you had in mind). I recall, can only decrease MSS from what's seen during TCP session setup. So, for example, if one host says it only supports a MSS of 536, it will not change it to 1400.

"Pmtud is not recommend by all vendors since many vendors drop icmp use for it."

Oh, can you provide any references?  It's not a recommendation I would expect (because of issue described in this posting).  However, I could see a recommendation not to use DF (don't fragment) setting, although I wouldn't agree with either "recommendation".

"Cisco IOS devices set different MSS values for local and remote connections due to the varying MTU sizes across network paths."

What any host should do is use interface MTU for interface connected network (as all hosts on local network should be using same MTU).  For non-local networks, MTU should be 576 w/o PMTUD.

From RFC 791:

"All hosts must be prepared to accept datagrams of up to 576 octets (whether they arrive whole or in fragments). It is recommended that hosts only send datagrams larger than 576 octets if they have assurance that the destination is prepared to accept the larger datagrams."

Interestingly, the max MTU is based on destination's capacity, not transit path.  This because IP, by default, can/will use fragments.

So, unless we know what a remote host can accept for MTU, we cannot transmit larger than 576.  Again, a local destination (same L2 domain segment) should support transmitter's MTU.

BTW, on routers, enabling PMTUD can do wonders for BGP.

Oh, it can improve other Cisco device network data transfers too, but to "see" the improvement it needs much data and isn't otherwise bottlenecked.  For example, something like show tech, w/o paging, might go faster.  Something, like FTP copies, to/from flash, tend to be bottlenecked by flash R/W performance.

@Joseph W. Doherty 

Absolutely. Thank you for clarifying the MTU considerations based on RFC 791. Indeed, hosts should adhere to the recommended maximum MTU size of 576 octets unless they have assurance that the destination can accept larger datagrams. This is particularly crucial for non-local networks where PMTUD might not be reliable.

Enabling PMTUD on routers can indeed improve the efficiency and reliability of BGP and other protocols by dynamically adjusting the maximum segment size based on the discovered path MTU. This helps avoid fragmentation and potential issues related to oversized packets.