[c-nsp] ip tcp adjust-mss
Tony
td_miles at yahoo.com
Mon Nov 4 15:50:52 EST 2013
For starters that is an ICMP trace, so even if you were to use "tcp
adjuct-mss" as the command suggests it only affects TCP packets, so your "mturoute" output would be identical.
You could set the "adjust-mss" command on ANY router between the source
& destination which will force that router to look at all TCP SYN
packets going through it and change the MSS value in any of them to be
the value you specified (I would assume it does nothing if MTU is
already smaller). Typically you would do it on the router you control on
your edge.
One of the reasons it is not a "solution" is that it only works for TCP.
Any traffic that is not TCP (eg. UDP, ICMP, GRE, etc) will not be
affected by "adjust-mss" and so the device will still be using 1500 and
so if DF is set then these protocol will still fail.
My interpretationof your "mturoute" is that one particular host has a lower MTU, but it
is NOT affecting traffic passing through it. There are several reasons
why this might be the case. If this router was restricting the MTU of
packets passing through it then all hops beyond this router would also
have a lower MTU, but this isn't happening as your final destination
reports 1500.
The mturoute page has a lot of good information that explains this and
other limitations of the utility and also some suggested diagnosis.
http://www.elifulkerson.com/projects/mturoute.php
Did you TRY setting the adjust-mss to see if it fixes your site not
loading issue ? If you don't want to do it on your router you can just
set the MTU on the interface of the host you are testing from. This is
OS specific so you'll have to look up instructions on how to do it on
your box (eg. Windows involves changing a registry setting, Linux you
specify it as parameter for "ifconfig", etc).
regards,
Tony.
________________________________
From: Methsri Wickramarathna <mmethw2003 at gmail.com>
To: Pete Lumbis <alumbis at gmail.com>
Cc: "cisco-nsp at puck.nether.net" <cisco-nsp at puck.nether.net>
Sent: Tuesday, 5 November 2013 2:54 AM
Subject: Re: [c-nsp] ip tcp adjust-mss
Thanks Pete,
If not a problem can any one look in to following mturoute taken ??? :)
E:\>mturoute -t www.ubnt.com
mturoute to www.ubnt.com, 30 hops max, variable sized packets
* ICMP Fragmentation is not permitted. *
* Speed optimization is enabled. *
* Maximum payload is 10000 bytes. *
1 +- host: 116.12.78.1 max: 1500 bytes
2 +- host: 203.143.0.36 max: 1500 bytes
3 +- host: 203.143.1.25 max: 1500 bytes
4 +- host: 125.22.195.249 max: 1500 bytes
5 +- host: 123.62.129.194 max: 1500 bytes
6 +- host: 4.26.0.89 max: 1500 bytes
7 +- host: 4.69.144.62 max: 1500 bytes
8 +- host: 4.69.137.33 max: 1500 bytes
9 +- host: 4.69.132.82 max: 1500 bytes
10 +- host: 4.69.134.130 max: 1500 bytes
11 +- host: 4.69.149.13 max: 1500 bytes
12 ...-.- host: 4.28.125.110 not responding
13 .-.- host: 72.21.220.141 not responding
14 .-.- host: 205.251.245.63 not responding
15 No response from traceroute for this TTL. Tried 3 times
16 No response from traceroute for this TTL. Tried 3 times
17 No response from traceroute for this TTL. Tried 3 times
18 .-+++++++++.-++ * host: 216.182.224.79 max: 1496 bytes*
19 No response from traceroute for this TTL. Tried 3 times
20 No response from traceroute for this TTL. Tried 3 times
21 No response from traceroute for this TTL. Tried 3 times
22 No response from traceroute for this TTL. Tried 3 times
23 No response from traceroute for this TTL. Tried 3 times
24 ++--+---+++-+++- host: 23.21.93.68 max: 1500 bytes
There's an MTU issue @ the host 216.182.224.79 and simply this site is not
loading. The Interesting part is I'm using a /28 block belongs
116.12.78.0/28 , My IP is 116.12.78.11 and above site is working properly
there's an another IP 116.12.78.6 for that IP this site is not working :(
:( . When I asked this about from my UPStream provider they are either
willingly or unwillingly not responding properly. They are asking me to
configure my edge router with the command " *ip tcp adjust-mss *". *Any
idea regarding which end having this PMTU issue ????*
On Mon, Nov 4, 2013 at 9:04 PM, Pete Lumbis <alumbis at gmail.com> wrote:
> On ASR1k the MSS adjustment is done on the QFP (the ESP or "in hardware").
> Again, this behavior varies from platform to platform.
>
>
> On Sun, Nov 3, 2013 at 11:47 PM, Methsri Wickramarathna <
> mmethw2003 at gmail.com> wrote:
>
>> Thanks Pete!!!
>>
>> We are using ASR 1001 series , can configure but I want to make sure
>> before doing it
>>
>>
>> On Sat, Nov 2, 2013 at 1:53 AM, Pete Lumbis <alumbis at gmail.com> wrote:
>>
>>> Most platforms can't do this in hardware and have to punt the SYN and/or
>>> SYN/ACK packets. Use caution at scale
>>>
>>>
>>> On Fri, Nov 1, 2013 at 7:15 AM, Methsri Wickramarathna <
>>> mmethw2003 at gmail.com> wrote:
>>>
>>>> Hi all ,
>>>> Is it wise to use ip tcp adjust-mss on a ISP gateway router ???
>>>>
>>>> --
>>>> --
>>>> ________´$$$$`_____________________________,,,_
>>>> _______´$$$$$$$`_________________________´$$$`
>>>> ________`$$$$$$$`______,,________,,_______´$$$$´
>>>> _________`$$$$$$$`____´$$`_____´$$`____´$$$$$´
>>>> __________`$$$$$$$`_´$$$$$`_´$$$$$`__´$$$$$$$´
>>>> ___________`$$$$$$$_$$$$$$$_$$$$$$$_´$$$$$$$´_
>>>> ____________`$$$$$$_$$$$$$$_$$$$$$$`´$$$$$$´_
>>>> ___,,,,,,______`$$$$$$_$$$$$$$_$$$$$$$_$$$$$$´_
>>>> _´$$$$$`____`$$$$$$_$$$$$$$_$$$$$$$_$$$$$$´_
>>>> ´$$$$$$$$$`´$$$$$$$_$$$$$$$_$$$$$$$_$$$$$´_
>>>> ´$$$$$$$$$$$$$$$$$$_$$$$$$$_$$$$$$$_$$$$$´_
>>>> ___`$$$$$$$$$$$$$$$_$$$$$$$_$$$$$$_$$$$$$´_
>>>> ______`$$$$$$$$$$$$$_$$$$$__$$_$$$$$$_$$´_
>>>> _______`$$$$$$$$$$$$,___,$$$$,_____,$$$$$´_
>>>> _________`$$$$$$$$$$$$$$$$$$$$$$$$$$$$$´_
>>>> __________`$$$$$$$$$$$$$$$$$$$$$$$$$$$´_
>>>> ____________`$$$$$$$$$$$$$$$$$$$$$$$$´_
>>>> _______________`$$$$$$$$$$$$$$$$$$$$´_
>>>>
>>>> ~~( ŊëŌ )~~
>>>> _______________________________________________
>>>> cisco-nsp mailing list cisco-nsp at puck.nether.net
>>>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>>>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>>>
>>>
>>>
>>
>>
>> --
>> --
>> ________´$$$$`_____________________________,,,_
>> _______´$$$$$$$`_________________________´$$$`
>> ________`$$$$$$$`______,,________,,_______´$$$$´
>> _________`$$$$$$$`____´$$`_____´$$`____´$$$$$´
>> __________`$$$$$$$`_´$$$$$`_´$$$$$`__´$$$$$$$´
>> ___________`$$$$$$$_$$$$$$$_$$$$$$$_´$$$$$$$´_
>> ____________`$$$$$$_$$$$$$$_$$$$$$$`´$$$$$$´_
>> ___,,,,,,______`$$$$$$_$$$$$$$_$$$$$$$_$$$$$$´_
>> _´$$$$$`____`$$$$$$_$$$$$$$_$$$$$$$_$$$$$$´_
>> ´$$$$$$$$$`´$$$$$$$_$$$$$$$_$$$$$$$_$$$$$´_
>> ´$$$$$$$$$$$$$$$$$$_$$$$$$$_$$$$$$$_$$$$$´_
>> ___`$$$$$$$$$$$$$$$_$$$$$$$_$$$$$$_$$$$$$´_
>> ______`$$$$$$$$$$$$$_$$$$$__$$_$$$$$$_$$´_
>> _______`$$$$$$$$$$$$,___,$$$$,_____,$$$$$´_
>> _________`$$$$$$$$$$$$$$$$$$$$$$$$$$$$$´_
>> __________`$$$$$$$$$$$$$$$$$$$$$$$$$$$´_
>> ____________`$$$$$$$$$$$$$$$$$$$$$$$$´_
>> _______________`$$$$$$$$$$$$$$$$$$$$´_
>>
>> ~~( ŊëŌ )~~
>>
>
>
--
--
________´$$$$`_____________________________,,,_
_______´$$$$$$$`_________________________´$$$`
________`$$$$$$$`______,,________,,_______´$$$$´
_________`$$$$$$$`____´$$`_____´$$`____´$$$$$´
__________`$$$$$$$`_´$$$$$`_´$$$$$`__´$$$$$$$´
___________`$$$$$$$_$$$$$$$_$$$$$$$_´$$$$$$$´_
____________`$$$$$$_$$$$$$$_$$$$$$$`´$$$$$$´_
___,,,,,,______`$$$$$$_$$$$$$$_$$$$$$$_$$$$$$´_
_´$$$$$`____`$$$$$$_$$$$$$$_$$$$$$$_$$$$$$´_
´$$$$$$$$$`´$$$$$$$_$$$$$$$_$$$$$$$_$$$$$´_
´$$$$$$$$$$$$$$$$$$_$$$$$$$_$$$$$$$_$$$$$´_
___`$$$$$$$$$$$$$$$_$$$$$$$_$$$$$$_$$$$$$´_
______`$$$$$$$$$$$$$_$$$$$__$$_$$$$$$_$$´_
_______`$$$$$$$$$$$$,___,$$$$,_____,$$$$$´_
_________`$$$$$$$$$$$$$$$$$$$$$$$$$$$$$´_
__________`$$$$$$$$$$$$$$$$$$$$$$$$$$$´_
____________`$$$$$$$$$$$$$$$$$$$$$$$$´_
_______________`$$$$$$$$$$$$$$$$$$$$´_
~~( ŊëŌ )~~
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list