Community discussions

 
jbaird
newbie
Topic Author
Posts: 46
Joined: Tue May 10, 2011 6:11 am

PPPoE and MTU/MRU/MSS Settings

Wed Aug 03, 2011 3:55 pm

Hi,

I know this has been discussed several times in the forums, but I am still unclear and would appreciate some clarification. I currently have several RB450G's running 5.2 that are acting as PPPoE Servers in the field. We are noticing that occasionally, we will have a user that complains that he is not able to access certain sites, or the sites load very slowly. It appears we have a MTU issue. Only maybe 2 out of 50 users on any given RB450G are experiencing this problem.

After reading the FAQ and the forums, it appears there are a few solutions. One is to set the "Change MSS" option on the PPPoE profile. This isn't the best solution though, since it creates dynamic MSS mangle rules for every PPPoE session which can be taxing on the RB's CPU with so many PPPoE users. Another, is to create one static mangle firewall rule as the FAQ states:
Use /ip firewall mangle to change MSS (maximum segment size) 40 bytes less than your connection MTU. For example, if you have encrypted PPPoE link with MTU=1492, set the mangle rule as follows:

/ ip firewall mangle
add chain=forward protocol=tcp tcp-flags=syn action=change-mss tcp-mss=!0-1448 new-mss=1448
I added this rule to my RB, but the user is still experiencing issues. At the user end of the client connection, my CPE (Motorola Canopy SM) is connected directly to the end user's computer. The SM is performing NAT. The SM and the PPPoE server are reporting a MTU of 1480. This should leave 12bytes of overhead for PPPoE which should be plenty (only need 8bytes).

The FAQ states that you should create the MSS rule to be 40 bytes less than your MTU. It then says that if you have a PPPoE link with a MTU of 1492, to change the MSS to 1448. That is 44bytes, not 40bytes as the instructions state. Am I missing something?

Could the MTU settings on the client's PC be causing this problem? How can I go about further troubleshooting this issue?

Thanks!
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 5934
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: PPPoE and MTU/MRU/MSS Settings

Wed Aug 03, 2011 4:15 pm

Ethernet header can be bigger than 40 bytes. MSS is changed by 44 bytes just to be sure.
 
jbaird
newbie
Topic Author
Posts: 46
Joined: Tue May 10, 2011 6:11 am

Re: PPPoE and MTU/MRU/MSS Settings

Wed Aug 03, 2011 4:35 pm

So, since the PPPoE server and CPE are actually reporting a MTU of 1480, should I change the MSS to 1480 - 44 = 1436?
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 5934
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: PPPoE and MTU/MRU/MSS Settings

Wed Aug 03, 2011 4:42 pm

Yes.
 
jbaird
newbie
Topic Author
Posts: 46
Joined: Tue May 10, 2011 6:11 am

Re: PPPoE and MTU/MRU/MSS Settings

Wed Aug 03, 2011 6:45 pm

Thanks, I'll try this. Should the "Change TCP MSS" in the PPPoE profile be set to "default" or "no"?

I appreciate the help.
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 5934
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: PPPoE and MTU/MRU/MSS Settings

Thu Aug 04, 2011 8:26 am

If you are adding manually change MSS rule, then set change-mss to no
 
jbaird
newbie
Topic Author
Posts: 46
Joined: Tue May 10, 2011 6:11 am

Re: PPPoE and MTU/MRU/MSS Settings

Thu Aug 04, 2011 3:51 pm

Thanks, this appears to have fixed the problem.
 
fabiandr
just joined
Posts: 24
Joined: Tue Mar 03, 2009 10:28 pm

Re: PPPoE and MTU/MRU/MSS Settings

Sun Aug 14, 2011 3:38 am

Hello, I appreciate it, I can help, I have pppoe on my network server and dhcp server, in the configuration I have MTU in 1480, and change the MSS 1400, 1410 and in every case I have problems with hotmail and yahoo page. That way I can find the correct value of the setting of the MSS.
Thank you.
 
killersoft
Member Candidate
Member Candidate
Posts: 134
Joined: Mon Apr 11, 2011 2:34 pm
Location: Victoria, Australia
Contact:

Re: PPPoE and MTU/MRU/MSS Settings

Thu Aug 25, 2011 2:53 pm

<ADSL MODEM>====< RB750G>===<NETWORK SWITCH>====<USER COMPUTERS>

Hi, I have recently bolted in a 750G(ROS v5.6) into my works local internet in order to keep a closer eye on users and there data usage.
The ADSL modem runs PPPoE and I use IP to link the modem and 750G rather than using the 750G as a PPPoE client.

I set the750G up with a masquerade srcnat firewall rule. This configuration seemed to be working well, up until users tried to get to get to there Hotmail accounts. I tested hotmail with a PC directly connected to the adsl modem, and I have no issues there, yet if I'm on the network switch side of the network Hotmail hangs with no page shown(other web sites seem to work great). This seems to fit in with this thread.

The posts I have read so far seem to suggest that the router in other peoples examples is using PPPoE Client mode, and in my case I am not doing that.

What is do people recommend I try on the 750G up first to try an sort this issue out. The ADSL modem is a Billion 7800nl(and there is no MTU/MSS menu !!Evil Billion!!) The ADSL Internet connection is via PPPoE..
MIT, BIT, ITIL, CERT IV Electronics.

Who is online

Users browsing this forum: No registered users and 30 guests