Firewall Mangle: modifying the MSS (Learning RouterOS from Scratch, Series 08)

What this chapter is useful for:

End-to-end network problems, such as the common case where web pages will not open while QQ keeps working.

Web pages that render incompletely, for example images that do not display.

Internet access problems at branch offices.

It mainly concerns routing between sites and transmission between the server and the client.

I. Practical operation

1. First, how to modify the MSS:

Go to IP > Firewall > Mangle and click the + sign to create a new rule, as follows:

Then, in the Advanced tab:

Options on the Action tab:

The PPPoE MTU here is 1480:

2. Comparison of results:

Before the change: the MSS value in the SYN request, and the payload size of the packets returned in response.

SYN request:

This is the payload size of the reply.

After changing to 1420, see the following three figures:

SYN request:

The corresponding return traffic:

II. Conceptual understanding:

MTU, Maximum Transmission Unit: works at the data link layer, OSI layer 2.

IP, Internet Protocol address: works at the network layer, OSI layer 3.

TCP, Transmission Control Protocol: works at the transport layer, OSI layer 4.

UDP, User Datagram Protocol: works at the transport layer, OSI layer 4.

MSS, Maximum Segment Size: a parameter of the TCP protocol, so it also works at OSI layer 4.

MSS = MTU - 40, where the 40 bytes are the 20-byte IP header plus the 20-byte TCP header.


III. A plain-language explanation of how TCP MSS works:

The server has containers: an empty container weighs 40T, the truck carries 1460T of cargo, and together they come to exactly 1500T. Ship it to us!

Transmission across many network hops (routers) is like passing the cargo along different conveyor belts: some are rated 1500T, some only 1400T.

On the 1400T belt the empty container still weighs 40T, so it can only carry 1360T of cargo.

When the server's goods are forwarded from the 1500T belt to the 1400T belt, the container has to be unpacked and repacked: the 1460T of cargo is split into two containers, one holding 1360T and one holding 100T. This obviously increases the workload of the forwarding station, which has to unpack and repack on the way in and on the way out. Then, when the goods reach us, our local router has to reassemble these two containers into a single 1460T container and hand it to us. Then we can see the page. In principle this is perfect!

But at this point the forwarding station becomes very busy, because every job has to be done twice, so mistakes happen under pressure and some containers end up not being packed completely.

Also, as the goods pass through different forwarding stations, some of them limit your PIR (Peak Information Rate); once the PIR is reached, packets are simply dropped. As a result, the goods our local router receives do not match what was sent; after waiting a long time the remaining packets still never arrive, so our local forwarding station cannot assemble the containers in the right order and return them to us, and can only discard them. That is why we cannot open the web page for ages; in the end only some of the small containers (the text) get through.

Here is the question: doesn't TCP retransmit?

Yes, TCP retransmits. Once the server has sent data to us, it starts waiting for us to say we received it (the ACK). But we never receive the packet, so we send no ACK back; the server waits a while and, since it is bound to deliver, retransmits. We still do not receive the packet and still send no ACK. It waits 1 second the first time, 2 seconds the second time, 4 seconds the third, and by default retransmits 15 times. This continues until the retransmission timeout (RTO) is reached and the connection is cut.

On Linux the RTO minimum is 200 milliseconds and the maximum is 120 seconds; this value can be set in the kernel.

RouterOS can also set the connection-tracking timeouts in the firewall:

IV. The benefits of modifying the MSS

Changing the MSS means proactively negotiating with the server how large the payload of each packet sent to our router may be. That lets the packets travel back to us in one piece along the whole transmission path and reduces the packet loss we suffer because of fragmentation; and if packets are lost, it is easier to tell which ones. In short, it minimises the splitting and re-encapsulation along the external forwarding path, so reassembly happens only on our own router.


V. Why only the MSS is recommended, not the MTU

Good question. Don't forget that at OSI layer 4 there is not only TCP but also UDP!

MSS depends on TCP. Lowering the MTU does reduce the MSS, but it also reduces the transmission efficiency of our UDP traffic. Much of what we use is also based on UDP, such as QQ, IP telephony and video conferencing.

Therefore we recommend modifying the MSS rather than the MTU, unless your router does not support MSS changes.


Source: blog.51cto.com/13796759/2427265