what they're saying is that for this application, if an ICMP 3 mode 4 comes through with MTU size information for the sender to use, then the sender is to adjust his MTU for subsequent transmissions of the same session and keep it that way.
the problem is that the application does not seem to be able to always keep the MTU sent by ICMP during the first connection attempt (the router is supposed to tell the application to scale back), so they suggest resending ICMP with the MTU size needed to get their application to scale its MTU size back down.
this problem only occurs with this application due to IPSEC encryption. the MTU should be reduced in an IPSEC connection to permit adding the encryption.
they state that a registry key change on the application server is required to allieviate the problem: (adjust for required MTU length)
You might try configuring ip tcp adjust-mss on the LAN interface of the router to specify a smaller segment size. You might need to experiment a bit to find the optimum size (I have had good success with 1375).
I agree with Rick on that. I have had good success with a MSS of 1400. To the best of my knowlege, this shouldn't impact other applications. What this command does is the router transparently lowers the MSS during TCP negotiation process between the client and server to a value you specify. This is a great command to rule out any MTU problems on the traffic path.
I would not expect any negative impact from implementing ip tcp adjust-mss. Like Sundar I have used this in quite a number of situations and I have not yet encountered any negative outcome from using this.
As Sundar explains this function affects the TCP negotiation of new sessions. So any session already established when you do this will not be affected. Any new session will negotiate a segment size no larger than what you have configured (it looks to the end station like the remote station has requested the segment size). I do not see any negative impact from doing this and it may help solve your issue.
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...