Forum Discussion

toto66's avatar
toto66
Icon for Nimbostratus rankNimbostratus
Jul 25, 2012

Packet analysis in Wireshark possible MSS issue?

Hello,

 

 

we have an issue in the customer network.

 

The Client (ADSL CPE) initiates the session to our System.

 

The packet successfully passed the customer Firewall and receivers then at the F5 BigIP LTM pair.

 

As we have issues with (Fast)Retransmissions and (multiple) Duplicate Acks I analysed a Wireshark trace in detail.

 

 

 

You can see the 2 relevant packets in attachment.

 

The Clients sends the SYN Packet. This packet includes the Maximum Segment Size of 1360 Bytes (which is good for ADSL).

 

In the SYN-ACK packet from the F5 LB to the IAD the MSS is now set to 1460. 1460 is too large for the CPE.

 

 

 

As I can see in further packets 1460 is used for further communication. This results in fragmentation and loss of performance/utilization.

 

 

 

The question is now: Why is the F5 LTM sending 1460 as MSS and is not using the 1360 "suggested" from the client?

 

 

 

Thanks for any help!

 

Cheers

 

 

 

 

 

 

 

 

 

 

 

  • I see this same behavior. I'm not sure if this is the intended behavior yet or if this is causing a specific application error we are seeing with windows mobile devices.
  • Another possible option, http://support.f5.com/kb/en-us/solutions/public/7000/500/sol7559.html

     

     

    Proxy Maximum Segment Disabled This setting specifies that the system advertises the same maximum segment size (MSS) to the server as that of the client.