Tcp Mss Adjustment - Cisco ASR 9000 Series Configuration Manual
Aggregation services router broadband
network gateway
Hide thumbs
Also See for ASR 9000 Series:
- Command reference manual (1138 pages) ,
- Routing configuration manual (702 pages) ,
- Reference manual (696 pages)
Table of Contents
Advertisement
TCP MSS Adjustment
server-key cisco
client 3.0.0.28 vrf default server-key cisco
end
!
!
What to Do Next
These attributes need to be present in the user profile to configure the Radius-based Lawful Intercept.
xyz_user1@domain.com Password == "cisco"
TCP MSS Adjustment
The TCP MSS Adjustment feature allows the configuration of the maximum segment size (MSS) on transient
packets that traverse a Cisco ASR 9000 Series Router.
When dealing with PPPoE or L2TP cases, an additional header that the client initiating a TCP session may
not be aware of is added to the packet. This can result in lost packets, broken transmissions, or fragmentation
when packet sizes exceed the maximum transmission units (MTUs) due to the added headers.
Here is a sample scenario that shows how the TCP MSS adjust feature works:
Figure 9: Sample TCP MSS Adjust
In this example, the HTTP client sends to the HTTP server a TCP synchronize (SYN) packet that signals an
MSS value of 1300 (MTU) - 20 TCP - 20 IP header = 1260. On receiving it, the HTTP server acknowledges
it with a SYN ACK message. The HTTP client confirms the TCP session with a single acknowledgment and
opens up the TCP channel.
Note
This is a sample scenario without PPPoE or L2TP.
When the HTTP server picks up a large file, it segments it into 1460 byte chunks (assuming that there are no
http headers for now). When the HTTP server sends the packet, the first Cisco ASR 9000 Series Router (on
the right) detects that the MTU is 576 downstream to the client and requires a 1300 byte packet to be
fragmented.
If the server sets the DF ("don't fragment") bit, then the packet is dropped. And, if the packet does not have
the DF bit set, then it gets fragmented, requiring the client to reassemble the packets. In digital subscriber line
(DSL) or fibre-to-the-home (FTTH) like access, a CPE may block incoming fragments as a security mechanism,
causing this transmission to be lost.
In a typical scenario, having packets that are dropped causes partial downloads, an obstruction, or a delay in
displaying images in web pages. MSS adjust overcomes this scenario by intercepting the TCP SYN packet,
Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide,
Release 4.3.x
228
Cisco-avpair = "md-ip-addr=192.1.1.4",
Cisco-avpair += "md-port=203",
Cisco-avpair += "md-dscp=3",
Cisco-avpair += "intercept-id=abcd0003",
Cisco-avpair += "li-action=1"
Configuring Subscriber Features
OL-28375-03
Advertisement
Chapters
Table of Contents
