What is MSS
MSS is a term used in computer networking. It stands for maximum segment size. A network packet, or data packet, is the data that can be transferred over a network as a single unit. Packets carry the data in IP transmissions sent via the internet or any other network that communicates using the Internet Protocol.
This parameter sets the maximum limit on the network packet size that a node can send through a network such as the internet. All the data transmitted into the network is divided into several smaller chunks. These pieces of data are referred to as data packets. Each data packet is given additional information that describes its contents. It contains essential information for data transmission, such as the source and destination addresses. This information is attached as the header of the data packet. The maximum segment size measures the size of the non-header component of the network packet. This component is known as the data payload.
To understand the concept of MSS, consider an analogy in which a data packet is a transport truck. The header is the truck itself, while the payload is the trailer or the cargo being transported. There is a maximum capacity of cargo that the trailer can carry. If the trailer exceeds that capacity, it may break, and the truck won't be able to continue its journey to the destination node.
MSS can be defined as the largest Transmission Control Protocol (TCP) data segment size that can be transmitted and received by the nodes in the network. The data segment is described as the length of the data payload; it excludes the packet header. The MSS is measured in bytes.
MSS can be calculated from another metric that measures the size of the entire data packet. This metric is known as the MTU, or maximum transmission unit. The MTU comprises the data payload and the TCP/IP headers.
Considering the same analogy again, the MTU can be represented as the total weight of the entire truck, that is, the sum of the weight of the trailer/ cargo and the weight of the truck.
MSS is equal to the MTU with the TCP/IP header size subtracted from it. The formula for MSS can be represented as:
MSS = MTU - (TCP/IP header)
The header size can be up to 40 bytes in a data packet.
Another difference between the MTU and MSS is that if the data packet size is more than the node's maximum transmission unit, the data packet can either be dropped or further divided into smaller pieces. These pieces are referred to as data fragments. But if the data packet size exceeds the MSS, then the packet is simply dropped and not delivered to the receiver node.
TCP and TCP Header
The Transmission Control Protocol (TCP) is a protocol that is responsible for ensuring the successful in-order delivery of data packets. It ensures that none of the packets is lost during the transmission.
Consider the example of a courier service that calls every recipient ahead of time. This ensures that the recipient will be home at a pre-decided time before the courier dispatches the package. TCP works as the courier service in networking, while the data packets act as the packages in the network.
The TCP begins its operation by establishing a connection between the nodes that will use the network to communicate and transfer the data. The connection is established using a method known as a three-way handshake or the TCP handshake.
TCP starts by connecting the nodes to facilitate communication. The connection is established by performing a TCP handshake. The maximum segment size is determined by both nodes while performing the handshake. Both nodes determine the size of the data packets that either node can receive. This process is referred to as MSS clamping. TCP attaches a header to each data packet. This header contains information regarding the connection and the sequence of the data packets. It also contains the sender and receiver port numbers essential for data transmission.
Length of TCP and IP header
The length of the TCP header is about 20 bytes. The IP header contains additional data, such as the source and destination IP addresses. The length of the IP header is similar to that of the TCP header; it is also 20 bytes long. There are several optional header fields in the TCP and IP headers, but they increase the length of the headers and are used only when necessary.
A byte is a unit of data that is used to express memory size in computers. A byte consists of eight binary digits, each of which is a one or a zero.
Maximum Segment Size Example
Consider a network router that has an MTU of 1500. This means that the maximum size of a data packet that can be transmitted using this network is 1500 bytes. If the node transmits larger data packets through this router, then the data packets can be fragmented.
Let us compute the MSS for the router.
MSS = MTU - (TCP + IP header)
As discussed above, the length of both the TCP and IP header is 20 bytes. Thus, to compute the MSS, subtract these headers' sizes from the MTU.
1460 = 1500 - (20 + 20)
Thus, the router MSS should be 1460 bytes. If the size of the data packets is more than 1460 bytes, the packet will either be fragmented or dropped from the network. A node can transmit an overly large data packet into the network if the device is not informed of the MTU and MSS of the network routers or any other intermediary node that will be used during the data transmission. The nodes can perform MTU discovery to ensure that such incidents can be prevented in the network.
Effect of Implementing IPsec on the MSS
IPsec is the abbreviation for Internet Protocol security. It is an improved version of the Internet Protocol, which is not secure. Data packets transmitted using IPsec are encrypted to ensure that only the two nodes, that is, the sender and receiver node, can interpret the data. The data payload is kept secure from any other intermediary node. The protocol is used to establish virtual private networks.
It increases the size of the data packets by adding a few additional bytes to the packet length. When using the protocol, this additional data must be taken into consideration when computing the MSS for the nodes.
The modified formula for the MSS is as follows:
MSS = MTU - (40 + IPsec)
MSS and Transport Layer
The maximum segment size is computed in the transport layer. The metric applies when TCP, which is a transport layer protocol, is in use. It is similar to the maximum transmission unit implemented in the OSI model's network layer.
MSS Clamping
There may be instances where the network router is set to an MTU value less than the 1500 bytes standard that can be transmitted using the Ethernet connection. If the nodes are unaware of the lower MTU, this may lead to packet loss or difficulty in finding the data packet.
In order to ensure that the data packet is successfully transmitted to the receiver node, the node could reduce the size of the incoming data packet payload. The reduction of size is possible by performing an MSS clamp. It is performed during the TCP handshake; the server can determine the MSS of the data packets and indicate to the nodes that it would accept the data packets within this range. This is called clamping, as the node clamps the maximum payload size it will receive from the other nodes.
For instance, suppose two servers, say A and B, are trying to establish a TCP connection. The MSS value for the second server is 1430 bytes. After performing the TCP handshake, server A will transmit the maximum packet with a data payload size of 1430 bytes. This is limited until the connection is established.
MSS clamping can also be used with GRE tunnelling. In GRE tunnelling, a 24-byte header is inserted into the original data packet, which is to be transmitted to a new destination. The new header contains information about the new receiver node in the network. If the size of the original data packet was more than 1476 bytes, then this would increase the size of the data packet beyond the typical 1500-byte maximum transmission unit. The data packet cannot be transmitted via Ethernet cable if the size exceeds the limit. Thus, we can use the MSS clamping technique to reduce the data payload size so that even if the largest GRE header is added to the data packet, the packet does not exceed the limit.
Default Value of the MSS
The default value of the TCP MSS is set to 536 bytes in most nodes in the network. The server node can modify the default value of the MSS. The option to modify the MSS is provided in the TCP. The server can use this option to modify the TCP SYN data packet value when performing a TCP handshake. It is impossible to change the MSS value once the connection between the nodes is established.
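The MSS clamping and default-value behaviour described above, as an added Python example that is not code from the original page: it reads the MSS option from the option bytes of a TCP SYN, falls back to 536 when the option is absent, and lowers the advertised value to MTU - (40 + overhead), rejecting malformed option lists instead of guessing. The function names and the sample option bytes are constructed for illustration; a device that rewrites a real segment must also update the TCP checksum.

```python
import struct

DEFAULT_MSS = 536          # used when the SYN carries no MSS option
BASE_HEADERS = 40          # 20-byte IP header + 20-byte TCP header
OPT_EOL, OPT_NOP, OPT_MSS = 0, 1, 2   # TCP option kinds


def find_mss(options: bytes):
    """Return (offset, value) of the MSS option, or None if absent."""
    i = 0
    while i < len(options):
        kind = options[i]
        if kind == OPT_EOL:        # end of option list
            break
        if kind == OPT_NOP:        # one-byte padding, no length field
            i += 1
            continue
        if i + 1 >= len(options):
            raise ValueError("option truncated before its length byte")
        length = options[i + 1]
        # A length below 2 would stall the loop, and a length running past
        # the buffer means the option list is malformed. Reject both.
        if length < 2 or i + length > len(options):
            raise ValueError(f"bad length {length} for option kind {kind}")
        if kind == OPT_MSS:
            if length != 4:
                raise ValueError("MSS option must be 4 bytes long")
            return i, struct.unpack_from("!H", options, i + 2)[0]
        i += length
    return None


def advertised_mss(options: bytes) -> int:
    """MSS the sender of these SYN options is willing to receive."""
    found = find_mss(options)
    return DEFAULT_MSS if found is None else found[1]


def clamp_mss(options: bytes, mtu: int, overhead: int = 0) -> bytes:
    """Lower the MSS option to MTU - (40 + overhead) if it is larger."""
    limit = mtu - (BASE_HEADERS + overhead)
    if not 0 < limit <= 0xFFFF:
        raise ValueError("MTU and overhead leave no room for a payload")
    found = find_mss(options)
    if found is None or found[1] <= limit:
        return options             # nothing to lower
    clamped = bytearray(options)
    struct.pack_into("!H", clamped, found[0] + 2, limit)
    return bytes(clamped)


# Constructed SYN options: MSS 1460, NOP, NOP, SACK-permitted, NOP, window scale 7
SYN_OPTIONS = bytes.fromhex("020405b4" "0101" "0402" "01" "030307")

if __name__ == "__main__":
    print(advertised_mss(SYN_OPTIONS))                       # plain Ethernet path
    print(advertised_mss(clamp_mss(SYN_OPTIONS, 1500, 24)))  # 24-byte GRE header
```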
Inter-Layer Communication
The inter-layer communication is done to notify the value of the MSS to the next layer. This is done to ensure that the value of the data packets does not exceed the maximum transmission unit. The communication is performed as follows:
- The network driver or interface should be aware of the maximum transmission unit that can be transmitted through the network directly attached to the node.
- The IP communicates with the network driver. It asks the driver the maximum transmission unit that can be sent through the network.
- The TCP communicates with the Internet Protocol and determines the maximum datagram data size (MDDS) that can be transmitted. The size of the MDDS is computed by subtracting the IP header from the MTU.
Thus, the formula for MDDS is:
MDDS = MTU - IP header length
When a TCP connection is established, the TCP provides an option that allows the server to modify the value of MSS. The value of MSS is set by subtracting the TCP header length from the MDDS. Thus, the formula to compute the MSS is as follows:
MSS = MDDS - TCP header length
Or
MSS = MTU - (TCP + IP Header)
The inter-layer communication is also performed to transmit the TCP segment to the receiver node. The inter-layer communication is as follows in this scenario:
- TCP computes the maximum segment data size (MSDS) by using the default or the received value of the MSS option.
- The fragmentation of the data packet depends on the version of the IP used. The TCP communicates with IP to ensure that the fragmentation can be performed.
- If fragmentation can be performed, the TCP can transmit the IP segments (including the TCP header) equal to MSDS + TCP header length.
- If the fragmentation cannot be performed, the TCP transmits the data packet to the IP. The segment size, including the TCP header, should be less than MDDS or (MSDS + TCP header length).
- Internet Protocol checks the size of the data packet transmitted by the TCP. If the length of the data packet is more than MDDS, then the packet will be dropped or fragmented. If it is less than or equal to MDDS, the IP header is added to the packet and forwarded to the network driver.
Effect of MSS on the Network
Advantages of Using MSS:
- The network latency can be reduced by reducing the maximum data packet size that can be transmitted to the network.
- The value of the MSS is determined while performing the TCP three-way handshake. It cannot be modified after establishing a connection. Thus, the MSS is fixed for all the data packets. It remains the same for all the data packets transmitted in the network.
- The OS can modify or set the maximum size of the segment transmitted by the nodes.
- The operating system can be used to set or alter the maximum size.
Disadvantages of Using MSS:
- The TCP handshake determines the maximum segment size, but if the value assigned during the handshake is too low, then the traffic stream is divided into numerous little packets. This can reduce the performance of the network.
- If the size of the data packets is larger than the MSS, then the data packet is removed from the network.