Community discussions

MikroTik App
 
indula
just joined
Topic Author
Posts: 3
Joined: Thu Mar 09, 2023 8:57 pm

changing TCP MSS for LDP packets in MPLS router

Fri Mar 10, 2023 5:16 am

Hi team,
We have a MPLS enabled router and we need to change the tcp mss for LDP packets.
tried with a mangle rule but failed. please help on how we can change the tcpmss
mangle rule we tried is below
/ip firewall mangle
add action=change-mss chain=forward in-interface=sfp1.2 new-mss=1500 passthrough=no protocol=tcp tcp-flags=syn tcp-mss=1460-65535
add action=change-mss chain=forward new-mss=1500 out-interface=sfp1.2 passthrough=no protocol=tcp tcp-flags=syn tcp-mss=1460-65535

Regards,
indula
 
DarkNate
Forum Veteran
Forum Veteran
Posts: 999
Joined: Fri Jun 26, 2020 4:37 pm

Re: changing TCP MSS for LDP packets in MPLS router

Sat Mar 11, 2023 3:50 am

TCP MSS mangling is never a good solution. The good solution is to properly configure MTU jumbo frames end-to-end on your network to ensure zero fragmentation.

The post here contains an MTU section:
viewtopic.php?p=988493#p864371
 
indula
just joined
Topic Author
Posts: 3
Joined: Thu Mar 09, 2023 8:57 pm

Re: changing TCP MSS for LDP packets in MPLS router

Sat Mar 11, 2023 6:20 am

HI DarkNate,
yeah. its true but there is a legacy node in between which we can not increase the MTU. thats why we neeeded to set the tcp mss
will mangle work on MPLS packet. thanks in advance

Regards,
indula
 
DarkNate
Forum Veteran
Forum Veteran
Posts: 999
Joined: Fri Jun 26, 2020 4:37 pm

Re: changing TCP MSS for LDP packets in MPLS router

Sat Mar 11, 2023 11:01 pm

HI DarkNate,
yeah. its true but there is a legacy node in between which we can not increase the MTU. thats why we neeeded to set the tcp mss
will mangle work on MPLS packet. thanks in advance

Regards,
indula
Configure MTU in the path on both sides to match legacy node including MPLS overhead. This ensures no fragmentation.
 
MahishTanzon
just joined
Posts: 3
Joined: Thu Dec 29, 2022 8:57 am

Re: changing TCP MSS for LDP packets in MPLS router

Thu Mar 30, 2023 10:52 am

The mangle rules you have tried seem to be correct, but the issue may lie elsewhere. Here are a few things you can check:
Make sure that the interface name is correct. It should match the name of the interface that connects to the MPLS network.
Check if the MPLS packets are really using the TCP protocol. If they are not, the mangle rules will not have any effect.
Check if there are any other firewall rules that might be interfering with the mangle rules. Make sure that the mangle rules are placed before any other firewall rules that might modify the packets.
Check if the mangle rules are being applied correctly. You can use the "Packet Sniffer" tool to capture packets and see if they are being modified by the mangle rules.
If none of these steps help resolve the issue, please provide more information about the network topology and configuration so that we can better understand the problem.

Who is online

Users browsing this forum: evellin, loloski and 17 guests