Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
MSS Clamping
« previous
next »
Print
Pages: [
1
]
Author
Topic: MSS Clamping (Read 1366 times)
MagikMark
Newbie
Posts: 39
Karma: 2
MSS Clamping
«
on:
December 13, 2023, 12:21:23 am »
I'm considering MSS value 1448. I just would like to confirm that I understood it right what is indicated on the "help". It would deduct a value of 40 on the MSS field. So, the value that I need to put on the field is MSS 1488. Is that right?
Logged
Monviech (Cedrik)
Global Moderator
Hero Member
Posts: 1613
Karma: 176
Re: MSS Clamping
«
Reply #1 on:
December 13, 2023, 09:50:01 am »
You have to subtract it from the MTU.
If your MTU is 1500 bytes and you have IPv6 TCP packets that are 60 bytes (IPv6 + TCP header size), your MSS would be 1440 bytes.
Logged
Hardware:
DEC740
Patrick M. Hausen
Hero Member
Posts: 6833
Karma: 574
Re: MSS Clamping
«
Reply #2 on:
December 13, 2023, 10:21:51 am »
Monviech, the help text in the UI explicitly states that OPNsense would be doing that subtraction and that you should put the MTU, not the MSS, into the field which is confusingly labelled "MSS". The OP just wants to make sure the help text is actually correct. Go check for yourself
Logged
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do.
(Isaac Asimov)
Monviech (Cedrik)
Global Moderator
Hero Member
Posts: 1613
Karma: 176
Re: MSS Clamping
«
Reply #3 on:
December 13, 2023, 10:47:58 am »
@Patrick You are right, that help text sounds really confusing.
I would rather use "Firewall: Settings: Normalization" and create a rule for the interface there instead of putting a value in the interface MSS field.
Logged
Hardware:
DEC740
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
MSS Clamping
