TCP MSS configuration for BGP neighbors
Overview
BGP peers are established by manual configuration between the routing devices, which creates a TCP session.
This feature enables the configuration of the TCP Maximum Segment Size (MSS), which defines the maximum amount of data in a single TCP segment during a communication session. A TCP segment is a unit of data transmitted in a TCP connection. TCP uses a three-way handshake for the initial establishment of a connection. In the three-way handshake, the sending host sends a SYN packet. Once the receiving host receives the SYN packet, it acknowledges it and sends back a SYN-ACK packet to the sending host. Once the sending host receives the SYN-ACK packet from the receiving host, it sends an ACK packet, establishing a reliable connection. During this three-way handshake, the MSS is negotiated between the BGP neighbors.
Three-way handshake
Feature Characteristics
Configuring the TCP MSS for BGP neighbors lets the neighbors adjust the MSS value carried in the TCP SYN packet. Configure the TCP MSS through the CLI and the NetConf interface. The configurable MSS range is 40-1440 bytes. By default, the MTU value for Ethernet is 1500 bytes. With the highest MSS value of 1440, the total packet size becomes 1440 bytes (MSS) plus 20 bytes (IP header), 20 bytes (TCP header), and the Ethernet header, which does not cross the default path MTU value.
TCP MSS for BGP neighbor
Benefits
By default, the interface MTU value determines the MSS value of a packet. When the interface MTU value exceeds the default Ethernet path MTU value of 1500 bytes, the MSS value also crosses the default Ethernet path MTU value, resulting in packet fragmentation. Configuring a specific MSS value limits the packet size irrespective of the interface MTU value, preventing packet fragmentation.
Prerequisites
Requires knowledge of the TCP handshake and BGP neighbor discovery.
Configuration
This section shows the procedure to configure TCP MSS between BGP peers.
Topology
The example below shows the configuration required to enable BGP on an interface. PE1 and RR1 are routers belonging to the same Autonomous System (AS), with the Autonomous System Number (ASN) AS100, connecting to network 10.1.1.0/24. First, define the routing process and the ASN to which the routers belong. Then, define the BGP neighbors to start exchanging routing updates, and configure the TCP MSS for BGP between the PE1 and RR1 devices.
Device topology for BGP
Configuration
The configuration shows how to configure the TCP MSS value for the BGP peer.
PE1
 
PE1#configure terminal
Enter Configuration mode.
PE1(config)#interface lo
Enter interface mode for loopback.
PE1(config-if)#ip address 1.1.1.1/32 secondary
Specify the interface IP address 1.1.1.1.
PE1(config-if)#exit
Exit the interface mode.
PE1(config)#interface xe1
Enter interface mode for xe1.
PE1(config-if)#ip address 10.1.1.1/24
Specify the IP address 10.1.1.1 for the interface.
PE1(config-if)#exit
Exit interface mode for xe1.
PE1(config)#router bgp 100
Define the routing process. The number 100 specifies the ASN of PE1.
PE1(config-router)#bgp router-id 1.1.1.1
Configure the BGP router-id to be the same as the loopback IP address 1.1.1.1.
PE1(config-router)#neighbor 10.1.1.2 remote-as 100
Define BGP neighbors, and establish a TCP session. 10.1.1.2 is the IP address of the neighbor and 100 is the neighbor's ASN.
PE1(config-router)#neighbor 10.1.1.2 tcp-mss 800
Configure TCP MSS value.
PE1(config-router)#address-family ipv4 unicast
Enter address-family IPv4 unicast mode.
PE1(config-router-af)#neighbor 10.1.1.2 activate
Activate neighbor with IP address 10.1.1.2 in the IPv4 address family.
PE1(config-router-af)#redistribute connected
Redistributing connected routes inside BGP.
PE1(config-router-af)#exit-address-family
Exit address-family mode.
PE1(config-router)#commit
Commit the candidate configuration to the running configuration.
RR1
 
RR1#configure terminal
Enter configuration mode.
RR1(config)#interface lo
Enter interface mode for loopback.
RR1(config-if)#ip address 2.2.2.2/32 secondary
Specify the interface address 2.2.2.2.
RR1(config-if)#exit
Exit interface mode.
RR1(config)#interface xe47
Enter interface mode for xe47.
RR1(config-if)#ip address 10.1.1.2/24
Specify IP address 10.1.1.2/24 for the interface.
RR1(config-if)#exit
Exit interface mode for xe47.
RR1(config)#router bgp 100
Define the routing process. The number 100 specifies the ASN of RR1.
RR1(config-router)#bgp router-id 2.2.2.2
Configure BGP router-id same as loopback IP address 2.2.2.2.
RR1(config-router)#neighbor 10.1.1.1 remote-as 100
Define BGP neighbors, and establish a TCP session. 10.1.1.1 is the IP address of the neighbor and 100 is the neighbor's ASN.
RR1(config-router)#neighbor 10.1.1.1 passive
Configure BGP neighbor 10.1.1.1 passive.
RR1(config-router)#address-family ipv4 unicast
Enter address-family IPv4 unicast mode.
RR1(config-router-af)#neighbor 10.1.1.1 activate
Activate the neighbor in the IPv4 address family.
RR1(config-router-af)#neighbor 10.1.1.1 route-reflector-client
Configure RR1 as the Route-Reflector (RR) and neighbor PE1 as its client.
RR1(config-router-af)#redistribute connected
Redistributing connected routes inside BGP.
RR1(config-router-af)#exit-address-family
Exit address-family mode.
RR1(config-router)#commit
Commit the candidate configuration to the running configuration.
Validation
PE1
 
PE1#show bgp summary
BGP router identifier 1.1.1.1, local AS number 100
BGP table version is 1
0 BGP AS-PATH entries
0 BGP community entries
 
Neighbor V AS MsgRcv MsgSen TblVer InQ OutQ Up/Down State/PfxRcd
10.1.1.2 4 100 171 170 1 0 0 00:00:11 0
 
Total number of neighbors 1
 
Total number of Established sessions 1
PE1#
 
PE1#sh bgp neighbors
BGP neighbor is 10.1.1.2, remote AS 100, local AS 100, internal link, peer index: 2
BGP version 4, local router ID 10.1.1.1, remote router ID 10.1.1.2
BGP state = Established, up for 00:07:29
Last read 00:00:24, hold time is 90, keepalive interval is 30 seconds
Neighbor capabilities:
Route refresh: advertised and received (old and new)
Address family IPv4 Unicast: advertised and received
Received 43 messages, 1 notifications, 0 in queue
Sent 46 messages, 4 notifications, 0 in queue
Route refresh request: received 0, sent 0
Minimum time between advertisement runs is 5 seconds
 
For address family: IPv4 Unicast BGP table version 1, neighbor version 1
Index 1, Offset 0, Mask 0x2
AIGP is enabled
Community attribute sent to this neighbor (both)
Large Community attribute sent to this neighbor
0 accepted prefixes
0 announced prefixes
 
Connections established 6; dropped 5
Local host: 10.1.1.1, Local port: 34738
Foreign host: 10.1.1.2, Foreign port: 179
TCP MSS: (800), Advertise TCP MSS: (800), Send TCP MSS: (800), Receive TCP MSS: (536)
Sock FD : (25)
Nexthop: 10.1.1.1
Nexthop global: ::
Nexthop local: ::
BGP connection: non shared network
Last Reset: 00:08:45, due to Administratively Reset (Cease Notification sent)
RR1
 
RR1#show bgp summary
BGP router identifier 2.2.2.2, local AS number 100
BGP table version is 1
0 BGP AS-PATH entries
0 BGP community entries
 
Neighbor V AS MsgRcv MsgSen TblVer InQ OutQ Up/Down State/PfxRcd
10.1.1.1 4 100 2 3 1 0 0 00:00:26 0
 
Total number of neighbors 1
 
Total number of Established sessions 1
 
RR1#sh bgp neighbors
BGP neighbor is 10.1.1.1, remote AS 100, local AS 100, internal link, peer index: 2
BGP version 4, local router ID 10.1.1.2, remote router ID 10.1.1.1
BGP state = Established, up for 00:08:31
Last read 00:00:24, hold time is 90, keepalive interval is 30 seconds
Neighbor capabilities:
Route refresh: advertised and received (old and new)
Address family IPv4 Unicast: advertised and received
Received 46 messages, 4 notifications, 0 in queue
Sent 47 messages, 1 notifications, 0 in queue
Route refresh request: received 0, sent 0
Minimum time between advertisement runs is 5 seconds
 
For address family: IPv4 Unicast BGP table version 1, neighbor version 1
Index 1, Offset 0, Mask 0x2
AIGP is enabled
Community attribute sent to this neighbor (both)
Large Community attribute sent to this neighbor
0 accepted prefixes
0 announced prefixes
 
Connections established 6; dropped 5
Local host: 10.1.1.2, Local port: 179
Foreign host: 10.1.1.1, Foreign port: 34738
TCP MSS: (0), Advertise TCP MSS: (1460), Send TCP MSS: (800), Receive TCP MSS: (536)
Sock FD : (22)
Nexthop: 10.1.1.2
Nexthop global: ::
Nexthop local: ::
BGP connection: non shared network
Last Reset: 00:09:52, due to BGP Notification received
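The validation step above can be automated. The following is an added example, not part of the OcNOS documentation: it parses the TCP MSS line of show bgp neighbors output for every peer and applies the MSS plus 20-byte IP header plus 20-byte TCP header arithmetic from Feature Characteristics against a path MTU. The function names, the treatment of Send TCP MSS as the segment size in use, and the reading of TCP MSS: (0) as "no tcp-mss configured" are assumptions.

```python
import re

# Constructed sample: trimmed from the PE1 and RR1 "show bgp neighbors" output
# above, with the Receive value wrapped onto its own line as a terminal may do.
SAMPLE = """\
BGP neighbor is 10.1.1.2, remote AS 100, local AS 100, internal link, peer index
: 2
BGP state = Established, up for 00:07:29
TCP MSS: (800), Advertise TCP MSS: (800), Send TCP MSS: (800), Receive TCP MSS:
(536)
BGP neighbor is 10.1.1.1, remote AS 100, local AS 100, internal link, peer index
: 2
BGP state = Established, up for 00:08:31
TCP MSS: (0), Advertise TCP MSS: (1460), Send TCP MSS: (800), Receive TCP MSS:
(536)
"""

IP_HDR = TCP_HDR = 20  # header sizes used in the page's arithmetic (no options)
FIELDS = {"TCP MSS": "configured", "Advertise TCP MSS": "advertised",
          "Send TCP MSS": "send", "Receive TCP MSS": "receive"}

def parse_neighbors(text):
    """Return {neighbor_ip: {configured, advertised, send, receive}} from CLI output."""
    peers = {}
    # Split at each "BGP neighbor is" so every chunk holds one peer's block.
    for chunk in re.split(r"(?m)^(?=BGP neighbor is )", text):
        m = re.match(r"BGP neighbor is ([0-9A-Fa-f:.]+),", chunk)
        if not m:
            continue
        # \s* after the colon tolerates the wrapped "Receive TCP MSS:\n(536)".
        found = re.findall(r"((?:Advertise |Send |Receive )?TCP MSS):\s*\((\d+)\)", chunk)
        peers[m.group(1)] = {FIELDS[k]: int(v) for k, v in found}
    return peers

def audit(peers, path_mtu=1500):
    """Flag peers whose largest IP packet (MSS + headers) would exceed path_mtu."""
    report = {}
    for ip, mss in peers.items():
        packet = mss["send"] + IP_HDR + TCP_HDR  # assumption: Send MSS is the one in use
        pinned = mss["configured"] != 0  # assumption: 0 means no tcp-mss configured
        report[ip] = {"packet": packet, "fits": packet <= path_mtu, "pinned": pinned}
    return report

if __name__ == "__main__":
    for ip, r in audit(parse_neighbors(SAMPLE)).items():
        print(ip, r)
```

A peer reported with pinned False and fits False is one where the segment size follows the interface MTU and can exceed the path MTU, which is the fragmentation case described under Benefits.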
New CLI Commands
neighbor tcp-mss
Use this command to set the BGP TCP MSS of a neighbor.
Use the no parameter with this command to remove a TCP MSS setting from a BGP neighbor.
Command Syntax
neighbor (A.B.C.D|X:X::X:X|WORD) tcp-mss <40-1440>
no neighbor (A.B.C.D|X:X::X:X|WORD) tcp-mss
For BGP unnumbered mode:
neighbor WORD tcp-mss <40-1440>
no neighbor WORD tcp-mss
Parameters
A.B.C.D
Address of the BGP neighbor in an IPv4 format
X:X::X:X
Address of the BGP neighbor in an IPv6 format
WORD
Name of a BGP peer group created with the neighbor WORD peer-group range command. When you specify this parameter, the command applies to all peers in the group.
<40-1440>
Configure TCP MSS
Default
By default, neighbor tcp-mss is disabled.
Command Mode
Router mode, address family-vrf mode and BGP unnumbered mode.
Applicability
This command was introduced in OcNOS version 6.4.1.
Examples
#configure terminal
(config)#router bgp 10
(config-router)#neighbor 10.10.0.72 tcp-mss 1000
(config)#router bgp 100
(config-router)#address-family ipv6 vrf VRF_A
(config-router-af)#neighbor 3ffe:15:15:15:15::0 tcp-mss 900
 
For an unnumbered peer, the configuration below is given in BGP unnumbered-mode.
(config)#router bgp 100
(config-router)#bgp unnumbered-mode
(config-router-unnum)#neighbor eth1 tcp-mss 800
 
Abbreviations
The following are some key abbreviations and their meanings relevant to this document:
 
Acronym   Description
ACK       Acknowledgment
BGP       Border Gateway Protocol
TCP       Transmission Control Protocol
MSS       Maximum Segment Size
MTU       Maximum Transmission Unit
SYN       Synchronize
Glossary
The following provides definitions for key terms used throughout this document.
 
BGP
BGP is an exterior gateway protocol to exchange route information and interconnect various networks on the global internet.
BGP neighbor
BGP neighbors, called peers, are established by manual configuration among routers to create a TCP session on port 179, which exchanges routing information between two systems, defined by their Autonomous System Numbers (ASNs).
MSS
MSS is a TCP parameter that defines the maximum amount of data in a TCP segment that can be transmitted.
TCP
TCP is one of the main protocols in the Internet Protocol (IP) suite. It offers a secure and reliable connection between two devices.
TCP segment
TCP segment is a unit of data transmitted in a TCP connection. The segment consists of header and payload. The header contains the control information to manage the transmission, and the payload contains the actual data that needs to be transmitted.