We have a need due to branch router encryption to enable Proxy MSS on our LTM's. When this is enabled my understanding is that client MSS will be passed through so the server sends using client MSS size. No fragmentation which is good.
My question is could there be any negitive impact enabling this feature (small packet DOS?). We are having a debate on if we should enable this everywhere or only on the VIPs impacted.
My thought is that this is disabled for a reason but I wanted to get the communities take. I think we have a valid use case but not sure about enabling it everywhere.