Subject: Re: mss clamping (ip_nat.c)
To: Toru TAKAMIZU <ttaka@earth.email.ne.jp>
From: Martin Husemann <martin@duskware.de>
List: current-users
Date: 03/18/2002 19:22:02
> Sorry, I didn't know I needed to set the sysctl variable. But the above
> document doesn't say anything about "options MSS_CLAMPING" line.
> isn't required any more?

No.

To be more precise: the code in ip_nat.c is there always, not depending
on any additional options besides the "pseudo-device ipf".

The clamping is not enabled unless you explicitly request it in your 
ipnat.conf file, as described in the URL I referenced,
http://www.netbsd.org/Documentation/network/pppoe/#clamping.

Setting the sysctl variable net.inet.tcp.mss_ifmtu to 1 will make connections
established from the PPPoE router use the small MSS, even without MSS clamping.

If you do use clamping by adding "mssclamp 1452" to the NAT rules, you would
not realy need to set net.inet.tcp.mss_ifmtu. The text is a bit short on this.

Sorry, there should have been a post here describing the change when it
went in. It has been discussed before on the tech-kern mailing list, but
of course not everyone is reading that.

Martin