K-29
User Guide for Cisco Security Manager 3.2
OL-16066-01
AppendixK Router Platform User Interface Reference
Advanced Interface Settings Page
TCP Maximum
Segment Size
The maximum segment size (MSS) of TCP SYN packets that pass through
this interface. Valid values range from 500 to 1460 bytes. If you do not
specify a value, the MSS is determined by the originating host.
This option helps prevent TCP sessions from being dropped as they pass
through the router. Use this option when the ICMP messages that perform
auto-negotiation of TCP frame size are blocked (for example, by a firewall).
We highly recommend using this option on the tunnel interfaces of DMVPN
networks.
For more information, see TCP MSS Adjustment at this URL:
http://www.cisco.com/en/US/products/sw/iosswrel/ps1839/products_featur
e_guide09186a00804247fc.html
Note Typically, the optimum MSS is 1452 bytes. This value plus the
20-byte IP header, the 20-byte TCP header, and the 8-byte PPPoE
header add up to a 1500-byte packet that matches the MTU size for
the Ethernet link.
Helper Addresses The helper addresses that are used to forward User Datagram Protocol
(UDP) broadcasts that are received on this interface. Enter one or more
addresses or network/host objects, or click Select to display an Object
Selectors, page F-593.
If the network you want is not listed, click the Create button in the selector
to display the Network/Host Dialog Box, page F-477. From here, you can
define a network/host object.
By default, routers do not forward broadcasts outside of their subnet. Helper
addresses provide a solution by enabling the router to forward certain types
of UDP broadcasts as a unicast to an address on the destination subnet.
For more information, see Understanding Helper Addresses, page 15-29.
TableK-13 Advanced Interface Settings Dialog Box (Continued)