beautypg.com

Setting the mss value at the global level, Setting the mss value at the virtual server level, Setting the mss value at the virtual port level – Brocade Virtual ADX Security Guide (Supporting ADX v03.1.00) User Manual

Page 92

background image

80

Brocade Virtual ADX Security Guide

53-1003250-01

Configuring Syn-Proxy

5

3. Global level – Values configured at this level take effect over all SYN-ACK packets generated by

a Brocade Virtual ADX unless the MSS value is configured at one of the levels previous
described in 1, 2 or 3.

Setting the MSS value at the global level

To globally set the IPv4 MSS value for all SYN-ACK packets generated by a Brocade Virtual ADX, use
the following command:

Virtual ADX(config)#tcp-mss 128

Syntax: [no] tcp-mss mss-value

The mss-value variable specifies IPv4 MSS value for all SYN-ACK packets generated by the Brocade
Virtual ADX regardless of the client MSS value. This value can be from 64 to 1460. Make sure that
the IP MTU of the interfaces is always greater than the MSS value.

To globally set the IPv6 MSS value for all SYN-ACK packets generated by a Brocade Virtual ADX, use
the following command:

Virtual ADX(config)#tcp-mss-v6 128

Syntax: [no] tcp-mss-v6 mss-value

The mss-value variable specifies IPv6 MSS value for all SYN-ACK packets generated by the Brocade
Virtual ADX regardless of the client MSS value. This value can be from 1004 to 1440. Make sure
that the IP MTU of the interfaces is always greater than the MSS value.

NOTE

When tcp-mss is configured at the global level, the same value will work for both IPv4 traffic and IPv6
traffic.

Setting the MSS value at the virtual server level

To set the MSS value for all of the ports under a virtual server on a Brocade Virtual ADX, use the
following command:

Virtual ADX(config)#server virtual-name-or-ip v1

Virtual ADX(config-vs-v1)#tcp-mss 128

Syntax: [no] tcp-mss mss-value

The mss-value variable specifies MSS value for all SYN-ACK packets generated by the Brocade
Virtual ADX for this virtual server regardless of the client MSS value. This value can be from 64 to
9176 for IPv4 and 1004 to 9176 for IPv6. Make sure that the IP MTU of the interfaces is always
greater than the MSS value.

Setting the MSS value at the virtual port level

To set the MSS value for a specific virtual port on a Brocade Virtual ADX, use the following
command:

Virtual ADX(config)#server virtual-name-or-ip v1

Virtual ADX(config-vs-v1)#port http tcp-mss 128

Syntax: [no] port port-value tcp-mss mss-value

See also other documents in the category Brocade Computer Accessories: