06.04.2021 19:54, Rodney W. Grimes wrote:

>> 05.04.2021 19:44, Rozhuk Ivan wrote:
>>
>>>>> As I understand, in some cases remote host does not reply with MSS
>>>>> option, and host behind router continues to use mss 8960, that is dropped
>>>>> by router.
>>>> If the peer does not provide an MSS option, your local FreeBSD based
>>>> host should use an MSS of net.inet.tcp.mssdflt bytes. The default is
>>>> 536. So I don't think this should be a problem.
>>>
>>> That's it!
>>> Thanks, it was ~64k in my config.
>>
>> This is also per-host setting, you know :-)
>>
>> It is generally a bad idea using MTU over 1500 for an interface facing public
>> network without -mtu 1500. You see, because TCP MSS affects only TCP and there
>> is also UDP that happily produces oversized datagrams for DNS or RTP or NFS or
>> tunneling like L2TP or OpenVPN etc. relying on IP fragmentation.
>>
>> I still recommend using -mtu 1500 in addition to mssdflt in your case.
>
> I do not recommend such a setting. That would defeat any jumbo frame usage
> locally!

Why? Default route should not be used for local delivery.

> The gateway/router that is forwarding packets to the internet connection
> needs its upstream interface mtu set properly, and configured to properly
> return icmp need fragment messages on the interfaces towards the
> internal network.

This results in extra delays and retransmission during outgoing data transfer, not good.
The mechanics is much more fragile than default route's mtu attribute.