MTU and MSS



  • My ISP (Verizon DSL) seems to work best with MTU set at 1492 and MSS set at 1452.

    The pfSense setting explanations read:

    MTU: If you leave this field blank, the adapter's default MTU will be used. This is typically 1500 bytes but can vary on some hardware.

    MSS: If you enter a value in this field, then MSS clamping for TCP connections to the value entered above minus 40 (TCP/IP header size) will be in effect.

    The first explanation is clear–if I want to change the MTU to 1492 from my adapter's default of 1500, I enter 1492, but the second explanation is not clear at all.  Does it mean I should enter 1452 if I want the MSS to be 1452 or should I leave the field blank, or do something else?  What setting does "the value entered above" refer to, the MTU box or the MSS box?  The way the explanation is written is very confusing.



  • the value in the MSS field minus 40. If you want a 1400 MSS, put 1440 (which means your maximum IP header+TCP header+payload == 1440).



  • So are you saying that if I want an MTU of 1492 and an MSS of 1452, I should enter "1492" in both fields?



  • yes



  • Well, I just tried doing that and my connection crashes!  I then entered 1492 in the first box and 1452 in the second box, as I have had it set in the past, and my connection works . . . most of the time–sometimes I go for up to two weeks without having to reboot pfSense and sometimes I have to reboot pfSense two or more times every day.  I don't know if my ISP is dropping my connection or if my modem is dropping it, but the only way I can regain a connection is to reboot pfSense.  This matter has been driving me nuts for several months.  Perhaps I could try lower MTU and MSS values?

    By the way, I am using PPPoE.



  • @Nonsense:

    By the way, I am using PPPoE.

    What does the PPP log show a few minutes before and after you think the connection died? What is in the system log over that interval? (See Status -> System Logs  to see the system log then click on PPP tab to see the PPP log.)



  • Please see my past post on this topic, on which you also commented:

    http://forum.pfsense.org/index.php/topic,48966.0.html

    I have checked a number of times with my ISP on this matter and they can supply me with no information/clue as to what is going on, but on a few occasions I know I was not the only customer who went down.  What I don't understand is why I have to do a complete reboot of pfSense in order to reestablish the PPPoE connection.  I do use a PCI modem card (Viking) in bridge mode in my pfSense box for my DSL connection, so it is possible that the card is crashing.  The interesting thing is that I do not loose DSL sync when my PPPoE connection goes down and the basic ATM protocol on top of PPPoE stays connected (I know that from my ISP).  The only way I can reestablish my PPPoE connection is to reboot pfSense, then I always end up with a new (dynamic) IP address from my ISP.  The routers I owned prior to building a pfSense box also all did the same thing, however, so the problem may not be with my modem card.  The disconnects are seemingly random, but seem to happen during web surfing (not inactivity).

    When my MTU was set at 1500 I could force a disconnect simply by doing an online speed test (apparently during the upload portion of the test).  Changing the MTU down to 1492 and the MSS (box setting) down to 1452, however, allowed me to do online speed tests without crashing my connection.  That is why I am wondering if lowering MTU/MSS further might solve my "random" disconnects.

    The only other thing I can suppose is perhaps my ISP runs a program to periodically and automatically disconnect users like me who leave their modem/routers on all the time in order to free up a larger pool of available IP (ver. 4) addresses, but that supposition is merely speculation on my part.


Locked