[j-nsp] SSH/Telnet session hanging
Serge Vautour
sergevautour at yahoo.ca
Thu Jun 2 08:44:38 EDT 2011
Hello,
I'm confused by your statement that BGP is limited to 4096. I have BGP peers up
with 8192:
tcp4 0 0 10.10.80.50.179
10.10.80.52.63812 ESTABLISHED
sndsbcc: 0 sndsbmbcnt: 0 sndsbmbmax: 131072
sndsblowat: 2048 sndsbhiwat: 16384
rcvsbcc: 0 rcvsbmbcnt: 0 rcvsbmbmax: 131072
rcvsblowat: 1 rcvsbhiwat: 16384
proc id: 0 proc name:
iss: 2525048599 sndup: 2525116373
snduna: 2525116373 sndnxt: 2525116373 sndwnd: 16384
sndmax: 2525116373 sndcwnd: 16384 sndssthresh: 1073725440
irs: 1970444719 rcvup: 1970506707
rcvnxt: 1970506707 rcvadv: 1970523091 rcvwnd: 16384
rtt: 0 srtt: 3361 rttv: 126
rxtcur: 1200 rxtshift: 0 rtseq: 2525116354
rttmin: 1000 mss: 8192
flags: REQ_SCALE RCVD_SCALE REQ_TSTMP RCVD_TSTMP [0x30001e0]
>From what I've been able to tell the peers negotiate the MSS as high as possible
as a multiple of a power of 2.
Serge
----- Original Message ----
From: Richard A Steenbergen <ras at e-gerbil.net>
To: Mark Tinka <mtinka at globaltransit.net>
Cc: juniper-nsp at puck.nether.net
Sent: Wed, June 1, 2011 9:49:51 PM
Subject: Re: [j-nsp] SSH/Telnet session hanging
On Thu, Jun 02, 2011 at 02:16:32AM +0800, Mark Tinka wrote:
>
> We have two networks, they all run Jumbo frames across the
> board. One does 9,192 bytes, the other does 9,000 bytes.
>
> In all cases, we decided to set the 'tcp-mss' in Junos
> systems to 1,500 bytes, which is the lowest MTU we have in
> our network - toward our upstreams and peers.
Well first off I hope you actually meant "something LOWER than 1500
bytes", since tcp-mss doesn't include the headers that go into making up
the 1500 byte IP packet. At a minimum you're looking at 20 bytes of IP +
20 bytes of TCP, so an mss of 1460, but don't forget to leave room for
things like TCP MD5.
But more importantly, the maximum packet size for BGP is limited to 4096
anyways, so the 9000 vs 9192 path mtu really doesn't make any difference
at all. :) I suppose I could also take this opportunity to gripe about
an ongoing bug where Juniper's TCP stack occasionally thinks that the
mss is ~64k, resulting in blackholing of the tcp packets and endlessly
flapping sessions, but if I get started bitching about new junos bugs
that are making my life hell right now I might not be able to stop. :(
--
Richard A Steenbergen <ras at e-gerbil.net> http://www.e-gerbil.net/ras
GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)
_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
More information about the juniper-nsp
mailing list