Hi i have ppoe which allows 1492 bytes to pass through. This makes the mss go to 1452. I examined the packet and the IP header is 20 bytes the TCP header is 32 bytes and the data is 1448 which makes it in total 1500 bytes. Ive noticed that the tcp header is 32 beacause of a additonal 12 byte option value. Can someone just explain how all that can pass through a PPOE link of 1492 MTU? Thanks
asked 20 Aug '12, 06:45
The packets in your Cloudshark trace aren't going over a PPPoE interface, they are going straight over Ethernet. There are no PPPoE headers in the packet, just the Ethernet, IPv4, and TCP headers. From the MAC addresses in the packets, I assume the first frame in that capture is going between a Dell PC and a Fortinet firewall. If the firewall is on your local network, then there's no PPPoE involved, and therefore no 1492-byte MTU involved.
answered 20 Aug '12, 13:56
Guy Harris ♦♦
Ususally this would require fragmentation by the router, but TCP should have the "Don't Fragment" bit set. In that case you should see an ICMP message saying "Fragmentation needed but don't fragment bit set" coming back to your system, after which it should resend the data in smaller segments. The stack will remember the MTU of 1492 for a while and then try again sending with MTU 1500, doing the same procedure over and over again.
answered 20 Aug '12, 06:57
So, you are receiving larger packtes than the MTU size (Max Transmission Unit) of your DSL interface? Well, that's possible, as long as you (presumably) don't know the MTU size on the other side of the DSL connection (your ISP) as well.
If you try to send packets larger 1492 bytes through your DSL interface, your packets should be fragemented (unless the don't fragment flag is set).
See also here:
answered 20 Aug '12, 09:03
Kurt Knochner ♦