I was reading through my past documents and came across a scenario where I had to reduce the TCP MSS on routers for the connection to work propoerly. So I am writing this post in order to note it down and to help anyone looking for similar solution.
We were implementing DMVPN network and during the migration, the network was very slow. The client did not accept the test and we had to rollback the migration. Then we set up a small POC mirroring the client environment (we did a POC before migration but did not reflect the specific client network) and started troubleshooting and soon we realized that we had to reduce the TCP MSS (Maximu segment size) on the router for DMVPN to work properly.
We faced similar issue with another client this time with GET VPN implementation and the same solution did the trick for us. This act of reducing the TCP MSS is called MSS Clamping. On cisco routers, we can use following commnds to reduce the TCP MSS.
interface gi0/1
ip address 10.10.10.1 255.255.255.0
ip tcp adjust-mss 1360
No comments:
Post a Comment