Subject: kern/10943: A way to limit the maximum MSS is needed
To: None <gnats-bugs@gnats.netbsd.org>
From: John Hawkinson <jhawk@mit.edu>
List: netbsd-bugs
Date: 09/03/2000 21:13:15
>Number:         10943
>Category:       kern
>Synopsis:       A way to limit the maximum MSS is needed
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    kern-bug-people
>State:          open
>Class:          change-request
>Submitter-Id:   net
>Arrival-Date:   Sun Sep 03 21:14:00 PDT 2000
>Closed-Date:
>Last-Modified:
>Originator:     John Hawkinson
>Release:        -current 4 Sep 2000
>Organization:
MIT
>Environment:
	
System: NetBSD zorkmid.mit.edu 1.5E NetBSD 1.5E (ZORKMID-$Revision: 1.2 $) #54: Fri Aug 18 01:53:49 EDT 2000 jhawk@zorkmid.mit.edu:/usr/local/netbsd-current/src/sys/arch/i386/compile/ZORKMID i386


>Description:
	A method to limit the maximum advertised MSS is needed.
With the increasing prevalence of PMTU blackholes, a NetBSD machine
that is behind a smaller-than-its-own-MTU-link has little recourse
other than to advertise a sufficiently small MSS that all TCP packets
will fit through the small MTU link. Typically such links have an
MSS of 1480, and are due to tunnelling.

	Currently, the only way to achieve this is by lowering the mtu
on one or all interfaces, though this is not supported by most interfaces,
so kernel patching is necessary.
>How-To-Repeat:
	
>Fix:
	I propose net.inet.tcp.maxmss, a configurable sysctl to limit
the maximum advertised MSS (of course it would default to 65536
or whatever).

	It could be argued that this should be an interface-specific frob,
but I don't think that the value outweighs the complexity in this case.

>Release-Note:
>Audit-Trail:
>Unformatted: