Subject: Re: Patch for timiting TCP MSS (i.e. for new PPPoE)
To: David Laight <>
From: Steven M. Bellovin <>
List: tech-net
Date: 12/04/2001 10:48:36
In message <003f01c17cda$353eafe0$0100a8c0@snowdrop>, "David Laight" writes:
>Is it possible - of course it is :-) everything is possible... - to
>dynamically determine the TCP MSS for a given connection?
>Something along the lines of:
>Detect the largest segment you've had an ack for, if you have to retransmit
>a large segment (more than once?) try reducing its size to (say) half way
>between the largest segment size which has worked, and the current size.
>Creep the MSS up until things fail again.
>(a bit like the 'slow start' stuff for window sizes)
>Don't think you can detect IP fragmentation being done by a router though!

Use the same strategy that PMTU uses: set the "Don't Fragment" bit, and 
see what happens.

		--Steve Bellovin,
		Full text of "Firewalls" book now at