Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Bronze

purpose of using sysopt connection tcpmss 0

Found this on an ASA I'm upgrading. Why set the tcp mss to 0?

sysopt connection tcpmss 0

Thanks.

Everyone's tags (2)
1 ACCEPTED SOLUTION

Accepted Solutions
Super Bronze

purpose of using sysopt connection tcpmss 0

Hi,

I can't really say why someone has changed the setting.

The default value is 1380

The value 0 seems to disable this feature completely. In other words if I have understood correctly, with the setting you mention, the ASA wont take part in deciding the maximum segment size when host behind 2 ASA interface initiate and negotiate a TCP connection.

Wonder if there is any special MTU settings on the ASA interfaces?

show run mtu

- Jouni

2 REPLIES
Super Bronze

purpose of using sysopt connection tcpmss 0

Hi,

I can't really say why someone has changed the setting.

The default value is 1380

The value 0 seems to disable this feature completely. In other words if I have understood correctly, with the setting you mention, the ASA wont take part in deciding the maximum segment size when host behind 2 ASA interface initiate and negotiate a TCP connection.

Wonder if there is any special MTU settings on the ASA interfaces?

show run mtu

- Jouni

Bronze

purpose of using sysopt connection tcpmss 0

Thanks for your reply.

Checked the MTU's--good idea but they are all 1500.

This ASA has a lot of tunnels so my guess it was one of the tunnels, and whoever did this didn't know the procedure for Path MTU discovery

916
Views
0
Helpful
2
Replies
CreatePlease to create content