[Shorewall-users] Way OT: MSS/MTU question.
ck2 at softhome.net
Mon Dec 15 11:29:10 PST 2003
Joshua Banks wrote:
>I've been trying to track down the answer to this and am coming up
>empty handed. I'm hoping someone might shed some light on the
>following regarding mtu/mss values.
>When I do: "netstat -rn" or "route -nee"
>Why is the "mss" value "40" ? Everything works just fine. (e.g...
>downloading email attatchments and doing file tranfers so I'm
>thinking that this is a bug of some sort.)
Well, from what I remember, the MSS value isn't determined by YOU, it's
set by the RECEIVER of the segment. Therefore, it's possible that
during the establishment of the connections you showed, the receivers
set the MSS to 40.
OTOH, the MTU value IS set by you...and fragmented as needed as it
travels through networks with smaller MTU values....
>I know that -IP header (20 bytes) and -TCP heard (20 bytes) would give
>you MTU -40 bytes wich would give you a MSS value or 1460 bytes for
>ethernet. Does anyone have any ideas why or links that point to an
>explanation of this low MSS value.
Not really following how you're making this calculation, but both TCP
and IP headers are a minimum of 20 bytes and can go as high as 60 bytes
with the available options. Adding these two together doesn't determine
your MTU since the final frame (which is where the MTU matters) is made
up of MORE than just the IP and TCP headers.
Another thing, MSS is the size of the DATA package in the TCP
segment...NOT the size of the header or header plus data. The name Max
Segment Size is really a misnomer since the size of the MSS does not
include the size of the header....only the size of the data.
Hope maybe this helps somehow.
More information about the Shorewall-users