[j-nsp] Does EX4200 support changing TCP-MSS on transit packets?
Saku Ytti
saku at ytti.fi
Tue Feb 25 03:11:41 EST 2014
On (2014-02-24 17:17 -0800), Yucong Sun wrote:
> nope: at least for J-series, it will modify all packets passing through
> the device: check this
>
> http://www.juniper.net/techpubs/en_US/junos12.1/topics/example/session-tcp-maximum-segment-size-for-srx-series-setting-cli.html
>
> espeically the text in the box. It is obviously clunky, but without I'm
> stuck with a linux gateway with a iptables rule.
I'm really surprised if that actually works. Since does this mean, you cannot
effectively safely set system MSS without side-effects to transit data?
Seems like huge hammer.
I really hope that is documentation error, since over-loading configuration
statement like that seems downright dangerous.
--
++ytti
More information about the juniper-nsp
mailing list