Michael Uray asked:
I have there a OpenVPN VPN network connection, where the MSS size 60 gets send out for some reason (don’t know why yet).
EDIT: Reason: OpenVPN mssfix was mistakenly set to 1
36 92.064383 10.102.0.43 10.1.151.50 TCP 52 49991 → 63760 [SYN] Seq=0 Win=65535 Len=0 MSS=60 WS=128 SACK_PERM=1 37 92.064763 10.1.151.50 10.102.0.43 TCP 52 63760 → 49991 [SYN, ACK] Seq=0 Ack=1 Win=65535 Len=0 MSS=1460 WS=256 SACK_PERM=1
There are two devices on this network, which behave different.
- Win 10 PC with Filezilla FTP Server
- Embedded device (PLC) based on VxWorks with internal FTP server
The PC sets the MSS size to 536, but the PLC sets it down to 60 like requested.
41 92.171676 10.1.151.50 10.102.0.43 FTP-DATA 576 FTP Data: 536 bytes (PASV) (RETR TCData.br) 67 17.385576 10.1.151.1 10.102.0.43 FTP-DATA 100 FTP Data: 60 bytes (PASV) (RETR TCData.br)
Is that implemented on the right way on both sides?
I know that the default TCP MSS is 536, but is there a required minimum size?
536 is the minimum.
Remember that the minimum packet size for TCP (in IPv4) that all hosts must accept is 576 octets, and the MSS is the size of the payload of that packet, i.e. 576-40 = 536.
A host sending a TCP packet with MSS=60 is severely misbehaving.
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.