Jim_Moore
Jan 05, 2012Nimbostratus
Proxy MSS
We have a need due to branch router encryption to enable Proxy MSS on our LTM's. When this is enabled my understanding is that client MSS will be passed through so the server sends using client MSS si...
Also a buffer is needed otherwise the F5 couldnt perform any analysis on the packet itself.
So im pretty sure there is already a buffers in the design of the F5 :-)
The buffersize in this case would only need to be twice the MTU size, the packet to be sent + remain (FIFO-buffer).
But again, F5 perhaps isnt a true proxy?
According to http://www.f5.com/pdf/white-papers/tcpexpress-wp.pdf the F5 will do what I asked about, maintain one mss towards client and one towards mss and buffer in between. I suppose this also means that the default value of "proxy mss" (disabled?) means that this feature is in action (because its described as default behaviour in this document) and if you change the value of "proxy mss" (into enabled?) the F5 will start to behave like a regular router (creating fragments as worst case) - or did I misunderstand what this document tries to tell me? ;-)