fir3net

PPS-Firenetbanner-780.5x190-30-03-17

How To Adjust the MSS on a Vyatta vRouter

In order to adjust the MSS of your traffic on a vRouter, also known as MSS clamping, a policy route is defined. Once the policy route is created it is then assigned to the outside interface.
MSS Clamping is typically used for IPSEC based traffic to ensure that traffic does not exceed the MTU of the path, due the additional overhead that the IPSEC represent.

Below is an example based on clamping IPSEC traffic,

set policy route MSS-CLAMP rule 10 source address <LOCAL_ENCDOM>
set policy route MSS-CLAMP rule 10 destination address <REMOTE_ENCDOM>
set policy route MSS-CLAMP rule 10 protocol tcp
set policy route MSS-CLAMP rule 10 set tcp-mss 1300
set policy route MSS-CLAMP rule 10 tcp flag SYN

set interfaces ethernet eth1 policy route MSS-CLAMP

Tags: Brocade, IPSEC, vRouter, MSS