In some mail from Russ, sie said: > > -----BEGIN PGP SIGNED MESSAGE----- > > According to MSDN, NT 3.5/3.51/4.0 and Windows 2000 implement a > minimum MSS of 68 bytes (found under the discussion of PMTU and RFC > 791 and 1191), as prescribed by RFC 791. I think some people are not understanding the difference between the TCP MSS and IP's MTU. Either that or both you and David LeBlanc are grasping at straws in order to make WindowsNT look better ;) MTU and Path MTU (PMTU) discovery are not the same as TCP's MSS but they can and do impact it. I'll repeat, in testing, I managed to get NT4.0 (workstation) to accept a TCP MSS of 1 (sent lots of data packets out that had 1 byte of data) and I got Win2000 to accept an MTU of 69 (effective MSS of 17 after TCP options) through PMTU discovery. Now, if 20+68 is the reason why 88 is the minimum MSS Win2000 will accept then someone doesn't understand what the word "MTU" means because it referes to the TOTAL IP datagram length, not the data part. Given all of the above, the suggestion both you and David LeBlanc made that Windows fixed things at a default of 576 when PMTU discovery was enabled is not true and I proved this in testing. It would also be an incorrect implementation if it were true so the MS guys have done the right thing here. Furthermore, if it worked like the documentation suggested it did then PMTU discovery would break if it went over a connection with an MTU under 576 (possible). What is magic about the number 576 is that the host requirement RFC's say that all IP iplementations must be able to put back together a fragmented packet that is 576 bytes in length (RFC1122:3.3.2). Using the C program I posted, I was able to get Win2000 to create a MTU specific path to a local box where the MTU was 69. That's well under any number over 500 (depending on how you choose to see the value). The registry setting both you and David have mentioned is the same as these controls elsewhere: NetBSD - sysctl net.inet.ip.mtudisc Solaris - ndd /dev/ip ip_path_mtu_discovery and so on. Essentially, on both of those platforms all it does is control whether the "don't fragment" bit (0x4000) is set in the IP offset field. Path MTU discovery has absolutely no interaction with the TCP MSS except that one would expect it to be used if a cached path already existed to a host, with an MTU specific for it set, when initiating or accepting a new TCP connection. Well, maybe I'm being a bit strong on the "no" bit. I *DID* search MSDN for any information on TCP MSS settings in the registry *BEFORE* posting the email. I get the same lack of an answer on how to set a minimum acceptable MSS now as I did then. FWIW, I've got a copy of the TCP/IP parameters in WinNT on my desk right here beside me. > ============================================================ > EnablePMTUDiscovery REG_DWORD 0 | 1 > > Default: 1 > > Determines whether TCP uses a fixed, default maximum transmission unit (MTU) > or attempts to detect the actual MTU. > > Value Meaning > 0 TCP uses an MTU of 576 bytes for all connections to computers > outside the local subnet. > 1 TCP attempts to discover the MTU of the path to a remote host. > By discovering the Path MTU and limiting TCP segments to this size, TCP can > eliminate fragmentation at routers along the path that connects networks > with different MTUs. Fragmentation reduces TCP throughput and increases > network congestion. > > Note > > Windows NT does not add this value to the Registry. You can add it by What that should say is: 0 TCP uses an MTU of 576 bytes for setting the initial maximum segment size for communicating with remote hosts. I guess what it currently says _is correct_ but the way it is being said is confusing for the reader if you do not understand what they mean by "use". In this context it does not mean for the lifetime of the connection, only the initial setup (calculate MSS value for packets where the SYN flag is set). > Also, there's the registry key; > > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ > EnablePMTUDiscovery = 0 (DWORD) > > EnablePMTUDiscovery: completely enables or disables the PMTU > discovery mechanism. When PMTU discovery is disabled, an MTU of 576 > bytes is used for all non-local destination addresses. PMTU discovery > is enabled by default. > > This would enforce a minimum MSS of 536. > > Finally, in the registry key under a specific interface; Again the wrong conclusion to what this means has been arrived at. It means the MSS is 536 when the TCP connection is started and packets with the SYN bit and MSS option are being sent. It definately does not mean "enforce a minimum MSS of 536 for the lifetime of a connection". Darren
This archive was generated by hypermail 2b30 : Tue Jul 10 2001 - 06:44:58 PDT