[j-nsp] SSH/Telnet session hanging

Serge Vautour sergevautour at yahoo.ca
Thu Jun 2 08:44:38 EDT 2011 

Hello,

I'm confused by your statement that BGP is limited to 4096. I have BGP peers up 
with 8192:

tcp4       0      0  10.10.80.50.179                               
10.10.80.52.63812                             ESTABLISHED
   sndsbcc:          0 sndsbmbcnt:          0  sndsbmbmax:     131072
sndsblowat:       2048 sndsbhiwat:      16384
   rcvsbcc:          0 rcvsbmbcnt:          0  rcvsbmbmax:     131072
rcvsblowat:          1 rcvsbhiwat:      16384
   proc id:          0  proc name:
       iss: 2525048599      sndup: 2525116373
    snduna: 2525116373     sndnxt: 2525116373      sndwnd:      16384
    sndmax: 2525116373    sndcwnd:      16384 sndssthresh: 1073725440
       irs: 1970444719      rcvup: 1970506707
    rcvnxt: 1970506707     rcvadv: 1970523091      rcvwnd:      16384
       rtt:          0       srtt:       3361        rttv:        126
    rxtcur:       1200   rxtshift:          0       rtseq: 2525116354
    rttmin:       1000  mss:       8192
     flags: REQ_SCALE RCVD_SCALE REQ_TSTMP RCVD_TSTMP [0x30001e0]

>From what I've been able to tell the peers negotiate the MSS as high as possible 
as a multiple of a power of 2.


Serge



----- Original Message ----
From: Richard A Steenbergen <ras at e-gerbil.net>
To: Mark Tinka <mtinka at globaltransit.net>
Cc: juniper-nsp at puck.nether.net
Sent: Wed, June 1, 2011 9:49:51 PM
Subject: Re: [j-nsp] SSH/Telnet session hanging

On Thu, Jun 02, 2011 at 02:16:32AM +0800, Mark Tinka wrote:
> 
> We have two networks, they all run Jumbo frames across the 
> board. One does 9,192 bytes, the other does 9,000 bytes.
> 
> In all cases, we decided to set the 'tcp-mss' in Junos 
> systems to 1,500 bytes, which is the lowest MTU we have in 
> our network - toward our upstreams and peers.

Well first off I hope you actually meant "something LOWER than 1500 
bytes", since tcp-mss doesn't include the headers that go into making up 
the 1500 byte IP packet. At a minimum you're looking at 20 bytes of IP + 
20 bytes of TCP, so an mss of 1460, but don't forget to leave room for 
things like TCP MD5.

But more importantly, the maximum packet size for BGP is limited to 4096 
anyways, so the 9000 vs 9192 path mtu really doesn't make any difference 
at all. :) I suppose I could also take this opportunity to gripe about 
an ongoing bug where Juniper's TCP stack occasionally thinks that the 
mss is ~64k, resulting in blackholing of the tcp packets and endlessly 
flapping sessions, but if I get started bitching about new junos bugs 
that are making my life hell right now I might not be able to stop. :(

-- 
Richard A Steenbergen <ras at e-gerbil.net>      http://www.e-gerbil.net/ras
GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)
_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

More information about the juniper-nsp mailing list