Man page or keyword search:   man All Sections 1 - General Commands 2 - System Calls 3 - Subroutines, Functions 4 - Special Files 5 - File Formats 6 - Games and Screensavers 7 - Macros and Conventions 8 - Maintenence Commands 9 - Kernel Interface New Commands Server 4.4BSD AIX Alpinelinux Archlinux Aros BSDOS BSDi Bifrost CentOS Cygwin Darwin Debian DigitalUNIX DragonFly ElementaryOS Fedora FreeBSD Gentoo GhostBSD HP-UX Haiku Hurd IRIX Inferno JazzOS Kali Knoppix LinuxMint MacOSX Mageia Mandriva Manjaro Minix MirBSD NeXTSTEP NetBSD OPENSTEP OSF1 OpenBSD OpenDarwin OpenIndiana OpenMandriva OpenServer OpenSuSE OpenVMS Oracle PC-BSD Peanut Pidora Plan9 QNX Raspbian RedHat Scientific Slackware SmartOS Solaris SuSE SunOS Syllable Tru64 UNIXv7 Ubuntu Ultrix UnixWare Xenix YellowDog aLinux   44335 pages apropos Keyword Search (all sections) Output format html ascii pdf view pdf save postscript

TCPMSSD(8)		  BSD System Manager's Manual		    TCPMSSD(8)

NAME
     tcpmssd — TCP Maximum Segment Size option corrector

SYNOPSIS
     tcpmssd [-bv] -p port {-i iface | -m mtu}

DESCRIPTION
     The tcpmssd utility adjusts TCP SYN packets so that the maximum receive
     segment size is not greater than the amount allowed by the interface's
     MTU.

     This is necessary in many setups to avoid problems caused by routers that
     drop ICMP “Datagram Too Big” messages, thus breaking the Path MTU Discov‐
     ery algorithm (RFC 1191).	Without these messages, the originating
     machine sends data, it passes the rogue router then hits a machine that
     has an MTU that is not big enough for the data.  Because the IP “don't
     fragment” option is set, this machine sends an ICMP “Datagram Too Big”
     message back to the originator and drops the packet.  The rogue router
     drops the ICMP and the originator never gets to discover that it must
     reduce the Path MTU value or exclude the IP “don't fragment” option from
     its outgoing data.

     The tcpmssd utility normally runs in the background as a daemon.  It
     intercepts TCP packets from a divert(4) socket bound to the port speci‐
     fied with the -p option and reduces the value of TCP MSS option if neces‐
     sary so that the incoming TCP messages will pass through this host with‐
     out need to send ICMP “Datagram Too Big” messages.

     The maximum value for the TCP MSS option is determined based on an MTU
     given either as an absolute value with the -m option or derived from a
     network interface specified with the -i option.

     If run with the -b option, tcpmssd will attempt to update the TCP MSS
     option on both incoming and outgoing TCP segments, as delivered on the
     divert(4) socket.	By default, only outgoing TCP segments are examined.

     If run with the -v option, tcpmssd does not detach from its controlling
     terminal and writes various diagnostic messages to the standard error
     output.

     The following steps are necessary to run tcpmssd:

     1.	  Build your kernel with the following options:

		options IPFIREWALL
		options IPDIVERT

	  Refer to the Handbook for detailed instructions on building a custom
	  kernel.

     2.	  Make sure to redirect TCP traffic to the divert(4) port port.	 Refer
	  to the ipfw(8) manual page for details.

SEE ALSO
     divert(4), ipfw(8)

AUTHORS
     This program was written by Ruslan Ermilov ⟨ru@FreeBSD.org⟩ based on work
     done by Patrick Bihan-Faou ⟨patrick@mindstep.com⟩.

BSD				 June 11, 2004				   BSD

Vote for polarhome