In order to adjust the MSS of your traffic on a vRouter, also known as MSS clamping, a policy route is defined. Once the policy route is created it is then assigned to the outside interface.
MSS Clamping is typically used for IPSEC based traffic to ensure that traffic does not exceed the MTU of the path, due the additional overhead that the IPSEC represent.
Below is an example based on clamping IPSEC traffic,
set policy route MSS-CLAMP rule 10 source address <LOCAL_ENCDOM>
set policy route MSS-CLAMP rule 10 destination address <REMOTE_ENCDOM>
set policy route MSS-CLAMP rule 10 protocol tcp
set policy route MSS-CLAMP rule 10 set tcp-mss 1300
set policy route MSS-CLAMP rule 10 tcp flag SYN
set interfaces ethernet eth1 policy route MSS-CLAMP
Rick Donato is a Network Automation Architect/Evangelist and the founder of Packet Coders.
Latest posts by Rick Donato (see all)
- How to Configure a BIND Server on Ubuntu - March 15, 2018
- What is a BGP Confederation? - March 6, 2018
- Cisco – What is BGP ORF (Outbound Route Filtering)? - March 5, 2018
Want to become a networking expert?
Here is our hand-picked selection of the best courses you can find online:
Cisco CCNA 200-301 Certification Gold Bootcamp
Complete Cyber Security Course – Network Security
Internet Security Deep Dive course
Python Pro Bootcamp
and our recommended certification practice exams:
AlphaPrep Practice Tests - Free Trial