What is MSS?

MSS is a term used in computer networking. It stands for the maximum segment size of data packets. A network packet, or data packet, is the data that can be transferred over a network as a single unit. Packets carry the data in IP transmissions sent via the internet or any other network that communicates using the Internet Protocol. The MSS parameter sets the maximum limit on the network packet size that a node can send through a network such as the internet.

All data transmitted into the network is divided into several smaller chunks. These pieces are referred to as data packets. Each data packet is given additional information that describes the content in the data frame. It contains information essential for data transmission, such as the source and destination addresses. This information is attached as the header of the data packet. The maximum segment size measures the size of the non-header component of the network packet. This component is known as the data payload.

To understand the concept of MSS, consider an analogy in which a data packet is a transport truck. The header is the truck itself, while the payload is the trailer or the cargo being transported. There is a maximum capacity of cargo that the trailer can carry. If the trailer exceeds that capacity, it may break, and the truck won't be able to continue its journey to the destination node.

MSS can be defined as the largest transport control protocol data segment size that can be transmitted and received by the nodes in the network. The data segment size is the length of the data payload; it excludes the packet header. The MSS is measured in bytes.

MSS can be calculated from another metric, which measures the size of the entire data packet. This metric is known as the MTU, or the maximum transmission unit. The MTU comprises the data payload and the TCP/IP headers.
Considering the same analogy again, the MTU is the total weight of the entire truck, that is, the sum of the weight of the trailer or cargo and the weight of the truck. The MSS is what remains when the TCP/IP header size is subtracted from the maximum transmission unit. The formula for MSS can be written as:

MSS = MTU - (TCP/IP header)

The header size can be up to 40 bytes in a data packet.

Another difference between the MTU and MSS is that if the data packet size is more than the node's maximum transmission unit, the data packet can either be dropped or divided further into smaller pieces. These pieces are referred to as data fragments. But if the data packet size exceeds the MSS, the packet is simply dropped and not delivered to the receiver node.

TCP and TCP Header

The Transport Control Protocol is the protocol responsible for ensuring the successful in-order delivery of data packets. It ensures that none of the packets is lost during transmission. Consider a courier service that calls every recipient ahead of time. This ensures that the recipient will be home at a pre-decided time before the packages are sent out. TCP works as the courier service in networking, while the data packets act as the packages in the network.

TCP begins its operation by establishing a connection between the nodes that will use the network to communicate and transfer data. The connection is established using a method known as a three-way handshake, or the TCP handshake. The maximum segment size is determined by both nodes while performing the handshake. Both nodes determine the size of the data packets that either node can receive. This process is referred to as MSS clamping.

TCP inserts additional data, a header, into each data packet.
This header contains information regarding the connection and the sequence of the data packets. It also contains the sender and receiver port numbers, which are essential for data transmission.

Length of TCP and IP header

The length of the TCP header is almost 20 bytes. The IP header contains additional data, such as the source and destination IP addresses. The length of the IP header is similar to that of the TCP header; it is also 20 bytes long. There are several optional header fields in the TCP and IP headers, but they increase the length of the headers and are used only when necessary.

A byte is a data unit used to express the memory size of computers. A byte consists of eight binary digits, a combination of eight ones and zeroes.

Maximum Segment Size Example

Consider a network router that has an MTU of 1500. This means that the maximum size of a data packet that can be transmitted using this network is 1500 bytes. If a node transmits larger data packets through this router, the data packets can be fragmented. Let us compute the MSS for the router.

MSS = MTU - (TCP + IP header)

As discussed above, the TCP header and the IP header are each 20 bytes long. Thus, to compute the MSS, subtract these header sizes from the MTU.

1460 = 1500 - (20 + 20)

Thus, the router MSS should be 1460 bytes. If the size of a data packet is more than 1460 bytes, the packet will either be fragmented or dropped from the network.

A node can transmit an overly large data packet into the network if the device is not informed of the MTU and MSS of the network routers or of any other intermediary node used during the data transmission. Nodes can perform MTU discovery to prevent such incidents in the network.

Effect of Implementing IPsec on the MSS

IPsec is the abbreviation for Internet Protocol security. It is an improved version of the Internet Protocol, which is not secure.
Data packets transmitted using IPsec are encrypted to ensure that only the two nodes, that is, the sender and the receiver, can interpret the data. The data payload is kept secure from any intermediary node. The protocol is used to establish virtual private networks. It increases the size of the data packets by adding a few additional bytes to the packet length. When using the protocol, this additional data must be taken into consideration when computing the MSS for the nodes. The modified formula for the MSS is as follows:

MSS = MTU - (40 + IPsec)

MSS and Transport Layer

The maximum segment size is computed in the transport layer. The metric applies when TCP, which is a transport layer protocol, is in use. It is similar to the maximum transmission unit implemented in the OSI model's network layer.

MSS Clamping

There may be instances where a network router is set to an MTU value lower than the standard 1500 bytes that can be transmitted over an Ethernet connection. If the nodes are unaware of the lower MTU, this may lead to packet loss or difficulty in finding the data packet. To ensure that the data packet is successfully transmitted to the receiver node, the node can reduce the size of the incoming data packet payload. This reduction is possible by performing an MSS clamp. It is performed during the TCP handshake; the server can determine the MSS of the data packets and indicate to the nodes that it will accept data packets within this range. This is called clamping, as the node clamps the maximum payload size it will receive from the other nodes.

For instance, suppose two servers, say A and B, are trying to establish a TCP connection. The MSS value for the second server is 1430 bytes. After performing the TCP handshake, server A will transmit packets with a data payload size of at most 1430 bytes. This is limited until the connection is established.

MSS clamping can also be used with GRE tunnelling.
In GRE tunnelling, a 24-byte header is inserted into the original data packet, which is to be transmitted to a new destination. The new header contains information about the new receiver node in the network. If the size of the original data packet was more than 1476 bytes, this would increase the size of the data packet beyond the typical 1500-byte maximum transmission unit. The data packet cannot be transmitted via an Ethernet cable if its size exceeds the limit. Thus, we can use the MSS clamping technique to reduce the data payload size so that even if the largest GRE header is added to the data packet, the packet does not exceed the limit.

Default Value of the MSS

The default value of the TCP MSS is set to 536 bytes in most nodes in the network. The server node can modify the default value of the MSS. The option to modify the MSS is provided in TCP. The server can use this option to modify the value in the TCP SYN data packet when performing a TCP handshake. It is impossible to change the MSS value once the connection between the nodes is established.

Inter-Layer Communication

Inter-layer communication is used to pass the value of the MSS to the next layer. This is done to ensure that the size of the data packets does not exceed the maximum transmission unit. The communication is performed as follows:

The network driver or interface should be aware of the maximum transmission unit that can be transmitted through the network directly attached to the node.

The IP communicates with the network driver. It asks the driver for the maximum transmission unit that can be sent through the network.

The TCP communicates with the Internet Protocol and determines the maximum datagram data size (MDDS) that can be transmitted. The size of the MDDS is computed by subtracting the IP header from the MTU. Thus, the formula for MDDS is:

MDDS = MTU - IP header length

When a TCP connection is established, the TCP provides an option that allows the server to modify the value of MSS.
The value of MSS is set by subtracting the TCP header length from the MDDS. Thus, the formula to compute the MSS is as follows:

MSS = MDDS - TCP header length

Or

MSS = MTU - (TCP + IP header)

Inter-layer communication is also performed to transmit the TCP segment to the receiver node. In this scenario, the inter-layer communication is as follows:

TCP computes the maximum segment data size (MSDS) by using the default or the received value of the MSS option.

The fragmentation of the data packet depends on the version of IP used. The TCP communicates with IP to find out whether fragmentation can be performed.

If fragmentation can be performed, the TCP can transmit IP segments (including the TCP header) equal to MSDS + TCP header length.

If fragmentation cannot be performed, the TCP transmits the data packet to the IP. The segment size, including the TCP header, should be less than MDDS or (MSDS + TCP header length).

The Internet Protocol checks the size of the data packet transmitted by the TCP. If the length of the data packet is more than MDDS, the packet will be dropped or fragmented. If it is less than or equal to MDDS, the IP header is added to the packet and it is forwarded to the network driver.

Effect of MSS on the Network

Advantages of Using MSS:
Disadvantages of Using MSS:
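The MSS formulas, the 536-byte default and the MSS clamping described in the sections above, applied to a TCP SYN header. This is an added example, not part of the original page: it reads the MSS option (TCP option kind 2, length 4), lowers it to fit a 1500-byte MTU carrying the 24-byte GRE header, and updates the TCP checksum incrementally. The function names, addresses, ports and the sample SYN bytes are constructed for illustration.

```python
import struct

DEFAULT_MSS = 536        # the page's default when a SYN carries no MSS option
IP_HDR = TCP_HDR = 20    # header lengths without options, as on the page
# Constructed sample: SYN 192.0.2.1:49152 -> 198.51.100.7:443, MSS 1460
PSEUDO = bytes([192, 0, 2, 1, 198, 51, 100, 7, 0, 6, 0, 24])
SAMPLE_SYN = bytes.fromhex("c00001bb00000001000000006002ffffea2d0000020405b4")

def mss_for(mtu, encap=0):
    """MDDS = MTU - IP header; MSS = MDDS - TCP header, less tunnel overhead."""
    return (mtu - encap - IP_HDR) - TCP_HDR

def ones_sum(data):
    """16-bit one's-complement sum, as used by the TCP checksum."""
    s = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while s >> 16:
        s = (s & 0xFFFF) + (s >> 16)
    return s

def find_mss_option(tcp):
    """Return (offset of the value, MSS) for option kind 2, else (None, 536)."""
    hdr_len = (tcp[12] >> 4) * 4
    if hdr_len < TCP_HDR or hdr_len > len(tcp):
        raise ValueError("bad TCP data offset")
    i = TCP_HDR
    while i < hdr_len and tcp[i] != 0:       # kind 0 ends the option list
        # kind 1 (NOP) is a single byte; every other option carries a length
        size = 1 if tcp[i] == 1 else (tcp[i + 1] if i + 1 < hdr_len else 0)
        if tcp[i] != 1 and (size < 2 or i + size > hdr_len):
            raise ValueError("malformed TCP option")
        if tcp[i] == 2 and size == 4:        # MSS: kind 2, length 4
            return i + 2, struct.unpack_from("!H", tcp, i + 2)[0]
        i += size
    return None, DEFAULT_MSS

def clamp_syn(tcp, mtu, encap=0):
    """Lower the advertised MSS to fit mtu and patch the checksum to match."""
    off, mss = find_mss_option(tcp)
    limit = mss_for(mtu, encap)
    if off is None or mss <= limit:
        return bytes(tcp)                    # nothing to lower
    new = bytearray(tcp)
    struct.pack_into("!H", new, off, limit)
    n, old_ck = (tcp[12] >> 4) * 4, struct.unpack_from("!H", tcp, 16)[0]
    # Incremental update: ~C' = ~C + ~sum(old header) + sum(new header)
    fix = ones_sum(struct.pack("!3H", old_ck ^ 0xFFFF,
                               ones_sum(tcp[:n]) ^ 0xFFFF, ones_sum(new[:n])))
    struct.pack_into("!H", new, 16, fix ^ 0xFFFF)
    return bytes(new)
```

Calling `clamp_syn(SAMPLE_SYN, 1500, encap=24)` rewrites the advertised 1460 to 1436, so a full-size segment plus the GRE header still fits in 1500 bytes; a SYN that already advertises a value at or below the limit is returned unchanged.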