Userland PPP MSS miscalculation?

Steve Bernacki moxiefreak at
Sun Jan 8 10:57:44 PST 2006

I think that I've stumbled upon a miscalculation that userland-PPP makes
when "mssfixup" is enabled and I wanted to run it by a larger audience
before I submitted a problem report.

By default, FreeBSD calculates the TCP MSS value of a new TCP connection by
taking the MTU of the egress interface and subtracting 40 -- 20 for ip
headers, and 20 for tcp headers.  Thus, A TCP SYN packet exiting an
interface with an MTU of 1500 will have an MSS of 1460.  Well behaved TCP
implementations seem to know that MSS is a value that does NOT include any
TCP options; the number of bytes that TCP options consume are effectively
subtracted from the agreed-upon MSS value.  So, for a "full" packet
(1500mtu/1460mss) with 12 bytes of TCP options, the maximum data payload
size is 1448.  1448 (payload) + 12 (TCP options) + 20 (TCP headers) + 20 (IP
headers) = 1500.

In userland-PPP, the MSS value of an outgoing TCP SYN packet is calculated
as such:

tcpmss.c: line 73:  [tcpmss.c,v]
#define MAXMSS(mtu) ((mtu) - sizeof(struct ip) - sizeof(struct tcphdr) - 12)

A change was made on 6/29/2004 to tcpmss.c to subtract 12 from the MAXMSS
calculation (See <>.
According to the PR report that caused the change (bin/32717), this was done
to pad additional space for TCP options that might be present.  The author,
Koji Mori, presents a test case that involves connecting to,
but I suspect that the bug was actually in NetBSD's MSS calculation,
although I've not done any research to see if this is the case.

By removing the -12 from the MAXMSS calculation and recompiling ppp,
outgoing SYN packets on my PPPoE-connected system now have an MSS value of
1452, which works perfectly well.  With the -12 included, the MSS is
calculated as 1440.  This works perfectly well of course, but it wastes 12
extra bytes that could be included in a packet's payload.

Am I missing something here, or is my evaluation correct?  If it is correct,
I'll go ahead and submit a PR to revert the "-12" change.


More information about the freebsd-questions mailing list