TCP MSS adjustment
Overview
This feature adds support for adjustment of MSS of TCP packets with SYN flag according to access/aggregation network to prevent fragmentation of upstream and downstream TCP packets using ISA-BB.
There are two modes of adjustment operations supported: TCP MSS Adjustment for ESM Hosts, and TCP MSS Adjustment for NAT Services.
For TCP MSS adjust using ISA2-AA, see section AQP for the AQP rules.
TCP MSS adjustment for ESM hosts
This feature adds support for adjustment of the MSS size of TCP packets with SYN flag according to the access/aggregation network to prevent fragmentation of upstream and downstream TCP packets using ISA-BB diverted by IP/IPv6 filter actions.
The following ESM host types are supported:
IPv4/IPv6 IPoE hosts
locally terminated PPPoE hosts (without L2TP LAC)
L2TP LNS hosts
The configuration steps are as follows:
Create a NAT group used for an MSS adjustment.
config>isa nat-group 1 active-mda-limit 2 mda 1/1 mda 1/2
Associate the NAT group with a routing instance and configure the MSS value.
config>router config>service>vprn mss-adjust-group 1 segment-size 1452
Note: Unless there are dedicated ISAs or ESAs for MSS adjustment, an existing NAT group or WLAN-GW group can be referenced. If multiple NAT or WLAN-GW groups reference the same ISA or ESA, the NAT or WLAN-GW groups become inactive. MSS adjustment does not function correctly if it references an inactive NAT or WLAN-GW group.Create an IPv4/IPv6 filter to perform an MSS adjust.
config>filter>ip-filter>entry egress-pbr default-load-balancing match tcp-syn action tcp-mss-adjust config>filter>ipv6-filter>entry match tcp-syn action tcp-mss-adjust
Apply an IPv4/IPv6 filter to the SLA profile.
TCP MSS adjustment for NAT services
This feature provides MSS adjustment for TCP packets to be translated by NAT services.
The configuration steps are as follows:
Create a NAT-group used for NAT services with MSS adjustment.
config>isa nat-group 1 active-mda-limit 2 mda 1/1 mda 1/2
Create a NAT-policy that also adjusts MSS.
config>service>nat nat-policy "policy-for-mss-adjust" crate tcp-mss-adjust 1452