Is there a TCP Maximum Segment Size (MSS) Minimum?












4















I have there a OpenVPN VPN network connection, where the MSS size 60 gets send out for some reason (don't know why yet).
EDIT: Reason: OpenVPN mssfix was mistakenly set to 1



36  92.064383   10.102.0.43 10.1.151.50 TCP 52  49991 → 63760 [SYN] Seq=0 Win=65535 Len=0 MSS=60 WS=128 SACK_PERM=1

37  92.064763   10.1.151.50 10.102.0.43 TCP 52  63760 → 49991 [SYN, ACK] Seq=0 Ack=1 Win=65535 Len=0 MSS=1460 WS=256 SACK_PERM=1


There are two devices on this network, which behave different.




  • Win 10 PC with Filezilla FTP Server

  • Embedded device (PLC) based on VxWorks with internal FTP server


The PC sets the MSS size to 536, but the PLC sets it down to 60 like requested.



41  92.171676   10.1.151.50 10.102.0.43 FTP-DATA    576 FTP Data: 536 bytes (PASV) (RETR TCData.br)

67  17.385576   10.1.151.1  10.102.0.43 FTP-DATA    100 FTP Data: 60 bytes (PASV) (RETR TCData.br)


Is that implemented on the right way on both sides?



I know that the default TCP MSS is 536, but is there a required minimum size?






ip tcp tcpip







share|improve this question

























  • I have browsed through relevant RFCs and found no mention of a minimum value for MSS. The most relevant sources I could find were tools.ietf.org/html/rfc1122#page-85 and tools.ietf.org/html/rfc6691#section-2. From this it sounds like there is no minimum value. But a sender may need to subtract as much as 80 from the value to account for IPv4 and TCP options, thus an MSS smaller than 81 can potentially lead to breakage. It's not clear to me what the implication of IPv6 option headers would be.

    – kasperd
    Jan 26 at 12:41











  • Since the MTU can be as low as 68 bytes it may be necessary to fragment a TCP segment. So for the discussion in tools.ietf.org/html/rfc6691#section-2 to make sense it would have to apply before fragmentation. That means if a sender needs to use the full 40 bytes for IPv4 options and 40 bytes for TCP options and has received an MSS of 81 and has an MTU of 68. It would first produce a 121 byte TCP packet with 1 byte of payload, which is then fragmented into 8 fragments (7 of 68 bytes and one of 65 bytes). That would be a ridiculous overhead, but from my reading it's within specs.

    – kasperd
    Jan 26 at 12:49
















4















I have there a OpenVPN VPN network connection, where the MSS size 60 gets send out for some reason (don't know why yet).
EDIT: Reason: OpenVPN mssfix was mistakenly set to 1



36  92.064383   10.102.0.43 10.1.151.50 TCP 52  49991 → 63760 [SYN] Seq=0 Win=65535 Len=0 MSS=60 WS=128 SACK_PERM=1

37  92.064763   10.1.151.50 10.102.0.43 TCP 52  63760 → 49991 [SYN, ACK] Seq=0 Ack=1 Win=65535 Len=0 MSS=1460 WS=256 SACK_PERM=1


There are two devices on this network, which behave different.




  • Win 10 PC with Filezilla FTP Server

  • Embedded device (PLC) based on VxWorks with internal FTP server


The PC sets the MSS size to 536, but the PLC sets it down to 60 like requested.



41  92.171676   10.1.151.50 10.102.0.43 FTP-DATA    576 FTP Data: 536 bytes (PASV) (RETR TCData.br)

67  17.385576   10.1.151.1  10.102.0.43 FTP-DATA    100 FTP Data: 60 bytes (PASV) (RETR TCData.br)


Is that implemented on the right way on both sides?



I know that the default TCP MSS is 536, but is there a required minimum size?






ip tcp tcpip







share|improve this question

























  • I have browsed through relevant RFCs and found no mention of a minimum value for MSS. The most relevant sources I could find were tools.ietf.org/html/rfc1122#page-85 and tools.ietf.org/html/rfc6691#section-2. From this it sounds like there is no minimum value. But a sender may need to subtract as much as 80 from the value to account for IPv4 and TCP options, thus an MSS smaller than 81 can potentially lead to breakage. It's not clear to me what the implication of IPv6 option headers would be.

    – kasperd
    Jan 26 at 12:41











  • Since the MTU can be as low as 68 bytes it may be necessary to fragment a TCP segment. So for the discussion in tools.ietf.org/html/rfc6691#section-2 to make sense it would have to apply before fragmentation. That means if a sender needs to use the full 40 bytes for IPv4 options and 40 bytes for TCP options and has received an MSS of 81 and has an MTU of 68. It would first produce a 121 byte TCP packet with 1 byte of payload, which is then fragmented into 8 fragments (7 of 68 bytes and one of 65 bytes). That would be a ridiculous overhead, but from my reading it's within specs.

    – kasperd
    Jan 26 at 12:49














4












4








4








I have there a OpenVPN VPN network connection, where the MSS size 60 gets send out for some reason (don't know why yet).
EDIT: Reason: OpenVPN mssfix was mistakenly set to 1



36  92.064383   10.102.0.43 10.1.151.50 TCP 52  49991 → 63760 [SYN] Seq=0 Win=65535 Len=0 MSS=60 WS=128 SACK_PERM=1

37  92.064763   10.1.151.50 10.102.0.43 TCP 52  63760 → 49991 [SYN, ACK] Seq=0 Ack=1 Win=65535 Len=0 MSS=1460 WS=256 SACK_PERM=1


There are two devices on this network, which behave different.




  • Win 10 PC with Filezilla FTP Server

  • Embedded device (PLC) based on VxWorks with internal FTP server


The PC sets the MSS size to 536, but the PLC sets it down to 60 like requested.



41  92.171676   10.1.151.50 10.102.0.43 FTP-DATA    576 FTP Data: 536 bytes (PASV) (RETR TCData.br)

67  17.385576   10.1.151.1  10.102.0.43 FTP-DATA    100 FTP Data: 60 bytes (PASV) (RETR TCData.br)


Is that implemented on the right way on both sides?



I know that the default TCP MSS is 536, but is there a required minimum size?






ip tcp tcpip







share|improve this question
















I have there a OpenVPN VPN network connection, where the MSS size 60 gets send out for some reason (don't know why yet).
EDIT: Reason: OpenVPN mssfix was mistakenly set to 1



36  92.064383   10.102.0.43 10.1.151.50 TCP 52  49991 → 63760 [SYN] Seq=0 Win=65535 Len=0 MSS=60 WS=128 SACK_PERM=1

37  92.064763   10.1.151.50 10.102.0.43 TCP 52  63760 → 49991 [SYN, ACK] Seq=0 Ack=1 Win=65535 Len=0 MSS=1460 WS=256 SACK_PERM=1


There are two devices on this network, which behave different.




  • Win 10 PC with Filezilla FTP Server

  • Embedded device (PLC) based on VxWorks with internal FTP server


The PC sets the MSS size to 536, but the PLC sets it down to 60 like requested.



41  92.171676   10.1.151.50 10.102.0.43 FTP-DATA    576 FTP Data: 536 bytes (PASV) (RETR TCData.br)

67  17.385576   10.1.151.1  10.102.0.43 FTP-DATA    100 FTP Data: 60 bytes (PASV) (RETR TCData.br)


Is that implemented on the right way on both sides?



I know that the default TCP MSS is 536, but is there a required minimum size?






ip tcp tcpip




ip tcp tcpip






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Jan 26 at 3:37







Michael Uray

















asked Jan 26 at 2:15









Michael UrayMichael Uray

212




212













  • I have browsed through relevant RFCs and found no mention of a minimum value for MSS. The most relevant sources I could find were tools.ietf.org/html/rfc1122#page-85 and tools.ietf.org/html/rfc6691#section-2. From this it sounds like there is no minimum value. But a sender may need to subtract as much as 80 from the value to account for IPv4 and TCP options, thus an MSS smaller than 81 can potentially lead to breakage. It's not clear to me what the implication of IPv6 option headers would be.

    – kasperd
    Jan 26 at 12:41











  • Since the MTU can be as low as 68 bytes it may be necessary to fragment a TCP segment. So for the discussion in tools.ietf.org/html/rfc6691#section-2 to make sense it would have to apply before fragmentation. That means if a sender needs to use the full 40 bytes for IPv4 options and 40 bytes for TCP options and has received an MSS of 81 and has an MTU of 68. It would first produce a 121 byte TCP packet with 1 byte of payload, which is then fragmented into 8 fragments (7 of 68 bytes and one of 65 bytes). That would be a ridiculous overhead, but from my reading it's within specs.

    – kasperd
    Jan 26 at 12:49



















  • I have browsed through relevant RFCs and found no mention of a minimum value for MSS. The most relevant sources I could find were tools.ietf.org/html/rfc1122#page-85 and tools.ietf.org/html/rfc6691#section-2. From this it sounds like there is no minimum value. But a sender may need to subtract as much as 80 from the value to account for IPv4 and TCP options, thus an MSS smaller than 81 can potentially lead to breakage. It's not clear to me what the implication of IPv6 option headers would be.

    – kasperd
    Jan 26 at 12:41











  • Since the MTU can be as low as 68 bytes it may be necessary to fragment a TCP segment. So for the discussion in tools.ietf.org/html/rfc6691#section-2 to make sense it would have to apply before fragmentation. That means if a sender needs to use the full 40 bytes for IPv4 options and 40 bytes for TCP options and has received an MSS of 81 and has an MTU of 68. It would first produce a 121 byte TCP packet with 1 byte of payload, which is then fragmented into 8 fragments (7 of 68 bytes and one of 65 bytes). That would be a ridiculous overhead, but from my reading it's within specs.

    – kasperd
    Jan 26 at 12:49

















I have browsed through relevant RFCs and found no mention of a minimum value for MSS. The most relevant sources I could find were tools.ietf.org/html/rfc1122#page-85 and tools.ietf.org/html/rfc6691#section-2. From this it sounds like there is no minimum value. But a sender may need to subtract as much as 80 from the value to account for IPv4 and TCP options, thus an MSS smaller than 81 can potentially lead to breakage. It's not clear to me what the implication of IPv6 option headers would be.

– kasperd
Jan 26 at 12:41





I have browsed through relevant RFCs and found no mention of a minimum value for MSS. The most relevant sources I could find were tools.ietf.org/html/rfc1122#page-85 and tools.ietf.org/html/rfc6691#section-2. From this it sounds like there is no minimum value. But a sender may need to subtract as much as 80 from the value to account for IPv4 and TCP options, thus an MSS smaller than 81 can potentially lead to breakage. It's not clear to me what the implication of IPv6 option headers would be.

– kasperd
Jan 26 at 12:41













Since the MTU can be as low as 68 bytes it may be necessary to fragment a TCP segment. So for the discussion in tools.ietf.org/html/rfc6691#section-2 to make sense it would have to apply before fragmentation. That means if a sender needs to use the full 40 bytes for IPv4 options and 40 bytes for TCP options and has received an MSS of 81 and has an MTU of 68. It would first produce a 121 byte TCP packet with 1 byte of payload, which is then fragmented into 8 fragments (7 of 68 bytes and one of 65 bytes). That would be a ridiculous overhead, but from my reading it's within specs.

– kasperd
Jan 26 at 12:49





Since the MTU can be as low as 68 bytes it may be necessary to fragment a TCP segment. So for the discussion in tools.ietf.org/html/rfc6691#section-2 to make sense it would have to apply before fragmentation. That means if a sender needs to use the full 40 bytes for IPv4 options and 40 bytes for TCP options and has received an MSS of 81 and has an MTU of 68. It would first produce a 121 byte TCP packet with 1 byte of payload, which is then fragmented into 8 fragments (7 of 68 bytes and one of 65 bytes). That would be a ridiculous overhead, but from my reading it's within specs.

– kasperd
Jan 26 at 12:49










0






active

oldest

votes











Your Answer








StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "2"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});














draft saved

draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f950862%2fis-there-a-tcp-maximum-segment-size-mss-minimum%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown

























0






active

oldest

votes








0






active

oldest

votes









active

oldest

votes






active

oldest

votes
















draft saved

draft discarded




















































Thanks for contributing an answer to Server Fault!


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f950862%2fis-there-a-tcp-maximum-segment-size-mss-minimum%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







-

Popular posts from this blog

Human spaceflight

Image
Human spaceflight From Wikipedia, the free encyclopedia Jump to navigation Jump to search "Space traveler" redirects here. For other uses, see Space traveler (disambiguation). @media all and (max-width:720px){.mw-parser-output .tmulti>.thumbinner{width:100%!important;max-width:none!important}.mw-parser-output .tmulti .tsingle{float:none!important;max-width:none!important;width:100%!important;text-align:center}} Apollo 11 crewmember Buzz Aldrin on the Moon, 1969 International Space Station crewmember Tracy Caldwell Dyson views the Earth, 2010 Space Shuttle Discovery heads into space with a crew aboard, STS-121 in 2006 Inside a space suit on the Canadarm, 1993 Human spaceflight (also referred to as crewed spaceflight or manned spaceflight ) is space travel with a crew or passengers aboard the spacecraft. Spacecraft carrying people may be operated directly, by human crew, or it may be e
Read more

Can not write log (Is /dev/pts mounted?) - openpty in Ubuntu-on-Windows?

Image
0 1 What exactly does the error message beginning with E: mean? I assume it has to do with the file structure on Ubuntu-on-Windows, but what exactly? The following package was automatically installed and is no longer required: os-prober Use 'apt-get autoremove' to remove it. The following extra packages will be installed: libxslt1.1 The following NEW packages will be installed: libxslt1.1 xmlstarlet 0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded. Need to get 435 kB of archives. After this operation, 1023 kB of additional disk space will be used. Get:1 http://archive.ubuntu.com/ubuntu/ trusty/main libxslt1.1 amd64 1.1.28-2build1 [145 kB] Get:2 http://archive.ubuntu.com/ubuntu/ trusty/universe xmlstarlet amd64 1.5.0-1 [290 kB]
Read more

File:DeusFollowingSea.jpg

Image
File:DeusFollowingSea.jpg From Wikipedia, the free encyclopedia Jump to navigation Jump to search File File history File usage No higher resolution available. DeusFollowingSea.jpg ‎ (238 × 211 pixels, file size: 12 KB, MIME type: image/jpeg ) Summary [ edit ] Media data and Non-free use rationale Description Cover art of the Deus CD Following Sea Author or copyright owner Deus Source (WP:NFCC#4) rocksucker.co.uk Date of publication 2012 Use in article (WP:NFCC#7) Following Sea Purpose of use in article (WP:NFCC#8) to serve as the primary means of visual identification at the top of the article dedicated to the work in question. Not replaceable with free media because (WP:NFCC#1) n.a. Minimal use (WP:NFCC#3) Low res image used in infobox of the article on the album Respect for commercial opportunities (WP:NFCC#2) n.a. Fair use Fair use of co
Read more