Grasp the network flow

Differrence between MTU & MSS, IP Fragmentation & TCP Segmentation

Difference between MTU & MSS

MTU(Maximum Transmission Unit)

MTU is a concept based on IP layer, is the maximum size (number of bytes) including IP header that NW devices and hosts can send and receive.

Maximum size of Ethernet is 1518 Byte and substracted size of Ethernet header and FCS "1500 Byte" is the default value on many devices' and hosts' interface.

However, recently the original standard called Jumbo frame has appeared, and the designation of large size such as 9000 bytes is increasing.

In cisco devices, command below can configure the MTU value.

[Configuring IPv4 MTU value]

(config-if)# ip mtu 1480

[Configuring IPv4&IPv6 MTU value]

(config-if)# mtu 1480

MSS(Maximum Segment Size)

MSS is a concept based on TCP layer, and is maximum size not including TCP header.

This setting is not in the NW devices, but it is set in the host such as clients and servers. In most cases, it is "1460 Byte" which subtracted 40 Bytes of IP and TCP headers according to MTU setting.

Difference between IPFragmentation & TCP Segmentation

IP Fragmentation (it is the job of NW devices)

This is a job done by NW devices such as a router, it becomes a division work by IP base and MTU base. It is divided according to the MTU of the NW device. So UDP is also effective.

However, splitting/reconstructing processing runs on both the NW device side and the host side, resulting in poor efficiency. So it is a feature that is rarely used now (because Path MTU Discovery is the basis and the "DF bit" that prohibits Fragmentation is enabled in the setting of OS etc).

When the size of the IP packet is larger than the MTU value on the interface of the passing NW device and "DF bit" is 0, IP Fragmentation is performed.

TCP Segmentation (it is the job of hosts)

This is a work done by hosts such as clients and servers, and it will be a splitting work based on TCP base and MSS base. When it does not reach with 1 TCP packet, sending data exceeding the MSS value on TCP communication, so it is divided into multiple TCP packets according to the MSS value of the host.

IP Fragmentation does not occur if even TCP segmentation is done exactly. However, since the hosts set the MSS value and the NW devices set the MTU value, it is necessary to take consistency by NW administrators.

If it is a cisco router, you can adjust the MSS with the following command. There should also be some commands on other routers.

(config-if)# ip tcp adjust-mss 1440

When TCP 3way Handshake, TCP MSS value is negotiated between hosts,
with this setting, the NW device can rewrite the MSS value. Because TCP is communication between terminals, originally NW devices should not intervene, but this behavior is an exception.

In the above example, it is assumed that the minimum MTU value on the route is 1480 bytes, in which case 1440 obtained by subtracting TCP header 20 and IP header 20 is appropriate as MSS value.

The idea of ​​avoiding inefficient IP fragment as much as possible and responding with TCP segmentation raised "Path MTU Discovery". Here for details.

Wireshark's [TCP segment of a reassembled PDU]

When packet capturing with Wireshark, often shown [TCP segment of a reassembled PDU]. This is exactly the result of the aforementioned TCP segmentation.

コメント

タイトルとURLをコピーしました