主机A收到来自主机B的MSS值8K
6.Host A sets its send MSS value to 8K. 主机A将其发送MSS值设置为8K。
In order to assist in avoiding IP fragmentation at the endpoints of the TCP connection, the selection of the MSS value was changed to the minimum buffer size and the MTU of the outgoing interface (- 40). MSS numbers are 40 bytes smaller than MTU numbers because MSS is just the TCP data size, which does not include the 20 byte IP header and the 20 byte TCP header. MSS is based on default header sizes; the sender stack must subtract the appropriate values for the IP header and the TCP header depending on what TCP or IP options are being used.
The way MSS now works is that each host will first compare its outgoing interface MTU with its own buffer and choose the lowest value as the MSS to send. The hosts will then compare the MSS size received against their own interface MTU and again choose the lower of the two values.
为了帮助避免在TCP连接端点发生IP分段,(后来或者随后的做法)MSS值的选项已更改为最小缓冲区大小和传出接口的MTU(-40)。MSS数值比MTU数值小40字节,这是因为MSS仅为TCP数据大小,而不包括20字节的IP报头和20字节的TCP报头。MSS基于默认报头大小;根据使用的TCP或IP选项,发送者堆栈必须减去IP报头和TCP报头的相应值。
现在,MSS的工作方式是:各主机将首先比较其传出接口MTU和自己的缓冲区,并选择最小的值作为要发送的MSS(三次握手时SYN和SYN/ACK中的MSS字段)。然后,主机将比较收到的MSS大小和其自己的接口MTU,并再次从两个值中选择较小的值。(如场景2描述)
Scenario 2 illustrates this additional step taken by the sender to avoid fragmentation on the local and remote wires. Notice how the MTU of the outgoing interface is taken into account by each host
11
(before the hosts send each other their MSS values) and how this helps to avoid fragmentation.
场景2说明了发送者为避免在本地和远程线路上进行分段而采取其他步骤。请注意每台主机如何将传出接口的MTU纳入考虑范畴(在主机互相发送其MSS值之前),以及这如何帮助避免分段。
场景 2
1. Host A compares its MSS buffer (16K) and its MTU (1500 - 40 = 1460) and uses the lower value as the MSS (1460) to send to Host B. 主机A比较MSS缓冲区(16K)和其MTU(1500 - 40 = 1460),并使用较小的值作为MSS(1460),发送到主机B。
2. Host B receives Host A's send MSS (1460) and compares it to the value of its outbound interface MTU - 40 (4422).
主机B收到主机A的发送MSS(1460),并将其与出站接口MTU-40的值(4422)相比较。
3. Host B sets the lower value (1460) as the MSS for sending IP datagrams to Host A.
主机B将较小的值(1460)设置 MSS,以便向主机A发送IP数据报。
4. Host B compares its MSS buffer (8K) and its MTU (4462-40 = 4422) and uses 4422 as the MSS to send to Host A.
主机B比较其MSS缓冲区(8K)和其MTU(4462 - 40 = 4422),并使用4422作为MSS,以便发送到主机A。
12
5. Host A receives Host B's send MSS (4422) and compares it to the value of its outbound interface MTU -40 (1460).
主机A收到主机B的发送MSS(4422),并将其与出站接口MTU-40的值(1460)相比较。
6. Host A sets the lower value (1460) as the MSS for sending IP datagrams to Host B.
主机A将较小的值(1460)设置为MSS,以便向主机B发送IP数据报。
1460 is the value chosen by both hosts as the send MSS for each other. Often the send MSS value will be the same on each end of a TCP connection.
In Scenario 2, fragmentation does not occur at the endpoints of a TCP connection because both outgoing interface MTUs are taken into account by the hosts. Packets can still become fragmented in the network between Router A and Router B if they encounter a link with a lower MTU than that of either hosts' outbound interface.
1460便是两台主机为彼此选择的发送MSS的值。TCP连接两端的发送MSS的值通常相同。
场景2中,由于主机考虑了两个传出接口MTU,因此不会在TCP连接端点进行分段。如果数据包遇到其MTU值小于主机出站接口的MTU值的链路,那么在路由器A和路由器B之间的网络中,仍可以对数据包进行分段。
6、什么是PMTUD
TCP MSS as described above takes care of fragmentation at the two endpoints of a TCP connection, but it doesn't handle the case where there is a smaller MTU link in the middle between these two endpoints. PMTUD was developed to avoid fragmentation in the path between the endpoints. It is used to dynamically determine the lowest MTU along the path from a packet's source to its
13
destination.
Note: PMTUD is only supported by TCP. UDP and other protocols do not support it. If PMTUD is enabled on a host, and it almost always is, all TCP/IP packets from the host will have the DF bit set.
When a host sends a full MSS data packet with the DF bit set, PMTUD works by reducing the send MSS value for the connection if it receives information that the packet would require fragmentation. A host usually \destination by creating a \with this MTU value.
If a router tries to forward an IP datagram, with the DF bit set, onto a link that has a lower MTU than the size of the packet, the router will drop the packet and return an Internet Control Message Protocol (ICMP) \this IP datagram, with the code indicating \and DF set\ICMP message, it will lower the send MSS, and when TCP retransmits the segment, it will use the smaller segment size.
上述TCP MSS负责处理TCP连接的两个端点上的分段,而不会处理这两个端点之间存在更小MTU链路的情况。PMTUD的开发目的是为了避免在端点之间的路径中进行分段。它用于动态确定从数据包源到其目标之间的路径中的最小MTU。
注意:仅TCP支持PMTUD。UDP和其他协议不支持PMTUD。如果在主机上启用了PMTUD(实际上PMTUD几乎始终处于启用状态),来自该主机的所有TCP/IP数据包都会设置DF位。
当主机发送设置了DF位的完整MSS数据包时,如果收到需要对数据包进行分段的信息,则会通过降低连接的发送MSS值来运行PMTUD。主机在带MTU
14
值的路由表创建“主机”(/32)条目,从而“记住”目的地使用的MTU值。
如果路由器尝试向某一链路转发设置了DF位的IP数据报,而该链路的MTU小于数据包大小,则路由器将丢弃数据包,并向此IP数据报源返回Internet控制消息协议(ICMP)“无法到达目标”消息,并显示指明“需要分段和设置DF”的代码(类型3,代码4)。当源工作站收到ICMP消息时,将降低发送MSS并且当TCP重新传输该数据段时,它将使用更小的数据段大小。
Here is an example of an ICMP \message that you might see on a router after turning on the debug ip icmp command:
以下是ICMP“需要分段和设置DF”消息的一个示例,在启用debug ip icmp命令后,您可以在路由器上看到此消息:
ICMP: dst (10.10.10.10) frag. needed and DF set unreachable sent to 10.1.1.1 The diagram below shows the format of ICMP header of a
\
下图显示了“需要分段和设置DF”、“无法到达目标”消息的ICMP报头的格式。
Per RFC 1191, a router returning an ICMP message indicating \next-hop network in the low-order 16 bits of the ICMP additional
15