Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

tcp-mss

Syntax

Hierarchy Level

Description

Enable and specify the TCP maximum segment size (TCP MSS) to be used to replace that of TCP SYN packets whose MSS option is set to a higher value than the value you choose.

If the router receives a TCP packet with the SYN bit and MSS option set and the MSS option specified in the packet is larger than the MSS specified by the tcp-mss command, the router replaces the MSS value in the packet with the lower value specified by the tcp-mss statement.

This statement enables you to specify the MSS size in TCP SYN packets used during session establishment. Decreasing the MSS size helps to limit packet fragmentation and to protect against packet loss that can occur when a packet must be fragmented to meet the MTU size but the packet’s DF (don’t fragment) bit is set.

Use the tcp-mss statement to specify a lower TCP MSS value than the value in the TCP SYN packets.

If you configure this statement under the [edit interfaces] hierarchy, keep in mind:

  • This statement only takes effect on lt- interfaces, gr- interfaces, and service-related interfaces like L2TP network server (LNS) and service sets.
  • TCP MSS adjustment only takes effect for packets entering the interface. This statement has no effect on packets exiting an interface.
Note:

When an SRX Series device is running in packet mode with MPLS, TCP MSS is not supported.

Options

mss-value—TCP MSS value for SYN packets with a higher MSS value set.

  • Range: 64 through 65535 bytes.

  • Default: TCP MSS is disabled.

Required Privilege Level

system—To view this statement in the configuration.

system-control—To add this statement to the configuration.

Release Information

Statement introduced in Junos OS Release 9.2.

Related Documentation