Configuring TCP MSS for Session Negotiation

 

During session connection establishment, two peers agree in negotiations to determine the IP segment size of packets that they will exchange during their communication. The TCP MSS (maximum segment size) value in TCP SYN packets specifies the maximum number of bytes that a TCP packet’s data field, or segment, can contain. An MSS value that is set too high can result in an IP datagram that is too large to send and that must be fragmented. Fragmentation can incur additional overhead cost and packet loss.

To diminish the likelihood of fragmentation and to protect against packet loss, you can use the tcp-mss statement to specify a lower TCP MSS value. The tcp-mss statement applies to all IPv4 TCP SYN packets traversing all the router’s ingress interfaces whose MSS value is higher than the one you specify. You cannot exempt particular ports from its effects.

The following section describes how to configure TCP MSS on T Series, M Series, and MX Series routers:

Configuring TCP MSS on T Series and M Series Routers, and MX Series Routers Using a Service Card

To specify a TCP MSS value on T Series and M Series routers as well as MX Series routers using a service card, include the tcp-mss statement at the [edit services service-set service-set-name] hierarchy level:

The range of the tcp-mss mss-value parameter is from 536 through 65535 bytes.

Add the service set to any interface for which you want to adjust the TCP-MSS value:

To view statistics of SYN packets received and SYN packets whose MSS value is modified, issue the show services service-sets statistics tcp-mss operational mode command.

For further information about configuring TCP MSS on T Series and M Series routers, see the Junos OS Services Interfaces Library for Routing Devices.

Configuring TCP MSS Inline on MX Series Routers Using MPC Line Cards

To specify a TCP MSS value on MX Series routers that use MPC line cards, include the tcp-mss statement at the [edit interfaces interface-name unit logical-unit-number family family] hierarchy level:

The range of the mss-value parameter is from 64 through 65,535 bytes.

The TCP MSS value must be lower than the MTU of the interface.

This statement is supported on the following interfaces: gr- (GRE), ge- (Gigabit Ethernet), xe- (10-Gigabit Ethernet), and et- (40-Gigabit and 100-Gigabit Ethernet). Families supported are inet and inet6.

Note

Configuring TCP MSS inline on MX Series routers using MPC line cards works only for traffic exiting/egressing the interface, not traffic entering/ingressing the interface.