Bug ID 658036: Honoring negotiated MSS for TCP segmentation

Last Modified: Apr 19, 2021

Bug Tracker

Affected Product:  See more info
BIG-IP All(all modules)

Known Affected Versions:
11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 11.6.1, 11.6.1 HF1, 11.6.1 HF2, 11.6.2, 11.6.2 HF1, 11.6.3,,,,, 11.6.4, 11.6.5,,,, 12.0.0, 12.0.0 HF1, 12.0.0 HF2, 12.0.0 HF3, 12.0.0 HF4, 12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3,,,,,,,, 12.1.4,, 12.1.5,,,, 12.1.6, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1

Fixed In:

Opened: Apr 12, 2017
Severity: 3-Major
Related AskF5 Article:


Following are the symptoms: 1. When the BIG-IP system's MTUs are larger than the smallest MTU in the end-to-end path: -- The BIG-IP system does not mark coalesced packets larger than egress MSS but smaller than egress MTU in the BIG-IP system for segmentation. Therefore, the BIG-IP system receives 'ICMP fragmentation needed' messages from an intermediate router which drops the packets when the Don't Fragment (DF) bit is set in IP header. 2. When the BIG-IP system's MTUs are less than 1500: -- On ingress, the BIG-IP system rejects coalesced packets larger than ingress MTU and less than 1500 and having DF bit set in IP header. the BIG-IP system sends 'ICMP fragmentation needed' message to sender.


No traffic or very low throughput.


* Generic Receive Offload (GRO) and Large Receive Offload (LRO) for data plane interfaces are supported and enabled (both in host and guest). * Packets are sent with DF bit set. * For #1: -- FastL4 profile in use. -- The BIG-IP system's VLAN MTUs are larger than the smallest MTU in the end-to-end path. * For #2: -- The BIG-IP system's MTUs are set to a value that is less than 1500. -- The packets' DF bits are set.


Disable LRO and GRO for data plane interfaces using the following command: tmsh modify sys db tm.tcplargereceiveoffload value disable. Note: For KVM virtio devices, LRO/GRO need to be turned off in host NIC.

Fix Information

The BIG-IP system fastL4 stack now uses discovered MSS to determine whether TCP segmentation is required.

Behavior Change