It's not *necessarily* a buggy device. I meant to explain why could the problem be anywhere.
That said, if negotiation is being kept at 1460, you possibly have a link (like DSLs do) that has a lower MTU but the router doesn't know. Just follow Juergen's advice: set MSS to conservative values on a far end and see if it helps. Then play with the value to see how high you can go. On 11/04/2013 09:54 PM, Methsri Wickramarathna wrote: > I have captured and analyzed the packets from wireshark and it shows MSS > agreement is set to 1460. Is there any convenient way to track the buggy > device ??? > > > On Tue, Nov 5, 2013 at 10:39 AM, Octavio Alvarez > <[email protected] <mailto:[email protected]>> wrote: > > It could be anywhere. > > I remember seeing buggy devices that didn't dynamically adapt to > intermediate TCP MSS modifications. We had to analyze the TCP headers on > the streams to find this out. It was a reflected symptom. > > I've also seen it on DSL links that didn't had "ip tcp adjust-mss 1452" > in place. > > > > On 11/04/2013 08:09 PM, Methsri Wickramarathna wrote: > > Thanks Blake & Tony, > > > > Is this issue with My end core router , destination end device or > > intermediate device ??? > > > > Is there any way I can find this ??? > > > > > > > > On Tue, Nov 5, 2013 at 7:22 AM, Blake Dunlap <[email protected] > <mailto:[email protected]>> wrote: > > > >> Yes. Don't do that. > >> > >> > >> On Mon, Nov 4, 2013 at 6:59 PM, Methsri Wickramarathna < > >> [email protected] <mailto:[email protected]>> wrote: > >> > >>> Thanks Tony , John and Juergan... > >>> > >>> This has been issue for many sites mainly towards yahoo.com > <http://yahoo.com>. Can any one > >>> explain why this is happening for particular IPs in a subnet ??? > >>> We are using access list inbound & Outbound to prevent ICMPs cumming > >>> inside > >>> to our network, will it be creating this problem ???? > >>> > >>> > >>> On Tue, Nov 5, 2013 at 3:23 AM, <[email protected] > <mailto:[email protected]>> wrote: > >>> > >>>> Hi, this looks like a CPE-device > >>>> With static IP-adresses and routing. > >>>> > >>>> You may really want to set "ip tcp adjust-mss 1280" > >>>> on _both_ your WAN and your (probably natted) LAN (L3) Interfaces. > >>>> (_both_ sides, yes !) > >>>> > >>>> This will help you in most cases with > >>>> MTU restrictions on > >>>> - your link > >>>> - home-"web"servers behind Broadband links > >>>> etc. > >>>> > >>>> Yes, the value is not optimized but very computerish ( 2**10 + > 2**8 ), > >>>> but it is good for > >>>> - pppoe (1500-8=1492) > >>>> - l2tp forwarded dial-in sessions (l2tp overhead+pppoe leads to > 1456) > >>>> - even with an additional vlan tag ( so MTU will be 1452 found > in most > >>>> literature) > >>>> - some other tunneled environments > >>>> > >>>> Iff you are an ISP, > >>>> you will configure this _only_ on the virtual-template interfaces > >>>> on your LNSes for broadband-termination . > >>>> > >>>> Keep it out of your core, > >>>> You will not want to modify your valued customer's ip packets > >>>> in your core network; here you want to use a MTU greater than 1500 > >>>> while on your BGP up/downstreams will stay at Ethernet-default > 1500 . > >>>> > >>>> Sorry, very conservative, but will avoid may problems. > >>>> > >>>> Just my 0.01 $ on this > >>>> > >>>> Juergen. > >>>> > >>>>> -----Ursprüngliche Nachricht----- > >>>>> Von: cisco-nsp [mailto:[email protected] > <mailto:[email protected]>] Im Auftrag > >>>>> von Methsri Wickramarathna > >>>>> Gesendet: lundi 4 novembre 2013 17:55 > >>>>> An: Pete Lumbis > >>>>> Cc: [email protected] <mailto:[email protected]> > >>>>> Betreff: Re: [c-nsp] ip tcp adjust-mss > >>>>> > >>>>> Thanks Pete, > >>>>> > >>>>> If not a problem can any one look in to following mturoute > taken ??? > >>> :) > >>>>> > >>>>> E:\>mturoute -t www.ubnt.com <http://www.ubnt.com> > >>>>> mturoute to www.ubnt.com <http://www.ubnt.com>, 30 hops max, > variable sized packets > >>>>> * ICMP Fragmentation is not permitted. * > >>>>> * Speed optimization is enabled. * > >>>>> * Maximum payload is 10000 bytes. * > >>>>> 1 +- host: 116.12.78.1 max: 1500 bytes > >>>> [...] > >>>> > >>>> > >>> > >>> > >>> -- > >>> -- > >>> ________´$$$$`_____________________________,,,_ > >>> _______´$$$$$$$`_________________________´$$$` > >>> ________`$$$$$$$`______,,________,,_______´$$$$´ > >>> _________`$$$$$$$`____´$$`_____´$$`____´$$$$$´ > >>> __________`$$$$$$$`_´$$$$$`_´$$$$$`__´$$$$$$$´ > >>> ___________`$$$$$$$_$$$$$$$_$$$$$$$_´$$$$$$$´_ > >>> ____________`$$$$$$_$$$$$$$_$$$$$$$`´$$$$$$´_ > >>> ___,,,,,,______`$$$$$$_$$$$$$$_$$$$$$$_$$$$$$´_ > >>> _´$$$$$`____`$$$$$$_$$$$$$$_$$$$$$$_$$$$$$´_ > >>> ´$$$$$$$$$`´$$$$$$$_$$$$$$$_$$$$$$$_$$$$$´_ > >>> ´$$$$$$$$$$$$$$$$$$_$$$$$$$_$$$$$$$_$$$$$´_ > >>> ___`$$$$$$$$$$$$$$$_$$$$$$$_$$$$$$_$$$$$$´_ > >>> ______`$$$$$$$$$$$$$_$$$$$__$$_$$$$$$_$$´_ > >>> _______`$$$$$$$$$$$$,___,$$$$,_____,$$$$$´_ > >>> _________`$$$$$$$$$$$$$$$$$$$$$$$$$$$$$´_ > >>> __________`$$$$$$$$$$$$$$$$$$$$$$$$$$$´_ > >>> ____________`$$$$$$$$$$$$$$$$$$$$$$$$´_ > >>> _______________`$$$$$$$$$$$$$$$$$$$$´_ > >>> > >>> ~~( ŊëŌ )~~ > >>> _______________________________________________ > >>> cisco-nsp mailing list [email protected] > <mailto:[email protected]> > >>> https://puck.nether.net/mailman/listinfo/cisco-nsp > >>> archive at http://puck.nether.net/pipermail/cisco-nsp/ > >>> > >> > >> > > > > > > > > > -- > -- > ________´$$$$`_____________________________,,,_ > _______´$$$$$$$`_________________________´$$$` > ________`$$$$$$$`______,,________,,_______´$$$$´ > _________`$$$$$$$`____´$$`_____´$$`____´$$$$$´ > __________`$$$$$$$`_´$$$$$`_´$$$$$`__´$$$$$$$´ > ___________`$$$$$$$_$$$$$$$_$$$$$$$_´$$$$$$$´_ > ____________`$$$$$$_$$$$$$$_$$$$$$$`´$$$$$$´_ > ___,,,,,,______`$$$$$$_$$$$$$$_$$$$$$$_$$$$$$´_ > _´$$$$$`____`$$$$$$_$$$$$$$_$$$$$$$_$$$$$$´_ > ´$$$$$$$$$`´$$$$$$$_$$$$$$$_$$$$$$$_$$$$$´_ > ´$$$$$$$$$$$$$$$$$$_$$$$$$$_$$$$$$$_$$$$$´_ > ___`$$$$$$$$$$$$$$$_$$$$$$$_$$$$$$_$$$$$$´_ > ______`$$$$$$$$$$$$$_$$$$$__$$_$$$$$$_$$´_ > _______`$$$$$$$$$$$$,___,$$$$,_____,$$$$$´_ > _________`$$$$$$$$$$$$$$$$$$$$$$$$$$$$$´_ > __________`$$$$$$$$$$$$$$$$$$$$$$$$$$$´_ > ____________`$$$$$$$$$$$$$$$$$$$$$$$$´_ > _______________`$$$$$$$$$$$$$$$$$$$$´_ > > ~~( ŊëŌ )~~ _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
