MSS Clamping

MSS Clamping works around issues caused by (clue impaired) system admins who think blocking all ICMP is a good idea. This is such of an issue in IPv4, that IPv6 makes ICMP mandatory to be allowed for basic networking to actually function.

You can read about PMTU issues here.

For PPPoE users, this command will 'fix' connectivity to remote sites where ICMP is blocked, and PMTU is broken:

  set firewall options mss-clamp interface-type all
  set firewall options mss-clamp mss 1452

For tunneled IPv6 users (either SIT/6in4 or 6rd), specifically ones with a tunnel over a PPPoE connection, this command will get your network connectivity working again to some sites, such as Netflix:

  set firewall options mss-clamp6 interface-type all
  set firewall options mss-clamp6 mss 1412
  • edgerouter/mss-clamp.txt
  • Last modified: 2015/04/27 20:26
  • by brielle