fir3net
PPS-Firenetbanner-780.5x190-30-03-17

How To Adjust the MSS on a Vyatta vRouter

In order to adjust the MSS of your traffic on a vRouter, also known as MSS clamping, a policy route is defined. Once the policy route is created it is then assigned to the outside interface.
MSS Clamping is typically used for IPSEC based traffic to ensure that traffic does not exceed the MTU of the path, due the additional overhead that the IPSEC represent.

Below is an example based on clamping IPSEC traffic,

set policy route MSS-CLAMP rule 10 source address <LOCAL_ENCDOM>
set policy route MSS-CLAMP rule 10 destination address <REMOTE_ENCDOM>
set policy route MSS-CLAMP rule 10 protocol tcp
set policy route MSS-CLAMP rule 10 set tcp-mss 1300
set policy route MSS-CLAMP rule 10 tcp flag SYN

set interfaces ethernet eth1 policy route MSS-CLAMP

Tags: Brocade, IPSEC, vRouter, MSS

About the Author

RDonato

R Donato

Rick Donato is the Founder and Chief Editor of Fir3net.com. He currently works as a Principal Network Security Engineer and has a keen interest in automation and the cloud.

You can find Rick on Twitter @f3lix001