current-users: Re: Unable to fetch http://www.netbsd.org

Subject: Re: Unable to fetch http://www.netbsd.org - MSS problem?
To: Andreas Priebe <andreas.priebe@promos-consult.de>
From: Robert Elz <kre@munnari.OZ.AU>
List: current-users
Date: 11/12/2003 02:21:50

    Date:        Tue, 11 Nov 2003 20:01:10 +0100 (CET)
    From:        Andreas Priebe <andreas.priebe@promos-consult.de>
    Message-ID:  <Pine.LNX.4.21.0311111952080.3940-100000@dimon.promos-consult.de>

  | As you see my side announces MSS 1452 and if I understand Stevens correctly,
  | the other side (www.NetBSD.org) should not send segments greater than
  | this, but as you can see it send me 1500 Bytes packets, i.e. MSS=1460 -
  | right?

No, it is sending 1448 byte (TCP) packets, see ...

19:51:20.614159 204.152.184.116.80 > 62.80.20.1.53248: . 1449:2897(1448)

That (1448) is the number of TCP data bytes in the packet.

This is because of ...
	ack 8 win 33580 <nop,nop,timestamp 3162162 6>
those (TCP) options in the packet, they make the TCP header bigger than 20
bytes (12 bytes bigger in this case).  Those 12 are the difference between
1448 and the 1460 you calculated.

1448 < 1452 so this is all legal TCP.   Nothing is directly broken here.
If packets that big can't get to you, you may need to make the MSS even 
smaller.

kre