İbrahim Ercan <ibrahim.metu@xxxxxxxxx> wrote:
> Until here there is nothing wrong. Now see what happen when I set
> client mss value to 1260 by changing mtu.
[..]
> Internal interface
> 10.0.0.215.60802 > 10.0.1.213.80: Flags [S], seq 36636545, win 197,
> options [mss 536,sackOK,TS val 99747035 ecr 6054999,nop,wscale 7],
> length 0
> 10.0.1.213.80 > 10.0.0.215.60802: Flags [S.], seq 3600660781, ack
> 36636546, win 14480, options [mss 1460,sackOK,TS val 16773019 ecr
> 99747035,nop,wscale 2], length 0
>
> As you can see syn proxy respond to client with same mss value and
> open connection to back end with 536. But I suppose, It should send
> 1460 to client and 1260 to server.
Problem is that we do not keep any state. Syncookes are restricted to 4
mss value:
static __u16 const msstab[] = {
536,
1300,
1440, /* 1440, 1452: PPPoE */
1460,
};
So, 1260 forces lowest value supported.
The table was based off a research paper that had mss distribution
tables. Maybe more recent data is available and if things have changed
we could update the table accordingly.
