%PIX-4-419001 – MSS exceeded

September 3, 2008

We have noticed in our daily log a few warning messages stating that the MSS was exceeded (and the packet dropped). The MSS (Maximum Segment Size) is basically the largest amount of data that the device can handle in a single TCP segment (without being split into several pieces that are transmitted individually). By default this is the expected behaviour of a Cisco PIX firewall. In our case the defined MSS is 1380 bytes but the incoming packet carried 1444. Depending on the firmware version, the firewall can be configured to accept packets with a larger MSS, and we will probably configure this firewall to do so. Compared to the total number of messages there are very few “MSS exceeded” ones (approx. 0.005 %), so in practice they can be ignored.
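To size the problem before changing the firewall, a small parser can pull the MSS and segment size out of each 419001 message and compute the ratio against the whole log. This is an added example, not code from the original post; the syslog lines are constructed, and the exact message layout ("... reason: MSS exceeded, MSS <mss>, data <size>") is an assumption about the PIX format.

```python
import re
from collections import Counter

# Constructed sample log (not real traffic). The 419001 lines follow the assumed
# PIX format: "... reason: MSS exceeded, MSS <negotiated mss>, data <segment size>".
SAMPLE_LOG = """\
Sep  3 2008 10:15:01 fw1 %PIX-6-302013: Built inbound TCP connection 12345 for outside:203.0.113.5/44321 (203.0.113.5/44321) to inside:192.0.2.10/80 (192.0.2.10/80)
Sep  3 2008 10:15:02 fw1 %PIX-4-419001: Dropping TCP packet from outside:203.0.113.5/44321 to inside:192.0.2.10/80, reason: MSS exceeded, MSS 1380, data 1444
Sep  3 2008 10:15:03 fw1 %PIX-6-302014: Teardown TCP connection 12345 for outside:203.0.113.5/44321 to inside:192.0.2.10/80 duration 0:00:02 bytes 5120 TCP FINs
Sep  3 2008 10:15:04 fw1 %PIX-4-419001: Dropping TCP packet from outside:198.51.100.7/51000 to inside:192.0.2.10/443, reason: MSS exceeded, MSS 1380, data 1460
"""

# Regex for the assumed 419001 layout; named groups keep the fields readable.
MSS_RE = re.compile(
    r"%PIX-4-419001: Dropping TCP packet from "
    r"(?P<src_ifc>\w+):(?P<src_ip>[\d.]+)/(?P<src_port>\d+) to "
    r"(?P<dst_ifc>\w+):(?P<dst_ip>[\d.]+)/(?P<dst_port>\d+), "
    r"reason: MSS exceeded, MSS (?P<mss>\d+), data (?P<data>\d+)"
)


def parse_mss_exceeded(log_text):
    """Return one dict per 419001 event: endpoints, negotiated MSS, segment size, excess."""
    events = []
    for line in log_text.splitlines():
        m = MSS_RE.search(line)
        if not m:
            continue  # any other message type is ignored
        ev = m.groupdict()
        ev["mss"] = int(ev["mss"])
        ev["data"] = int(ev["data"])
        ev["excess"] = ev["data"] - ev["mss"]  # how far over the limit the segment was
        events.append(ev)
    return events


def summarize(log_text):
    """Count MSS-exceeded drops against all messages and group them by destination."""
    lines = [ln for ln in log_text.splitlines() if ln.strip()]
    events = parse_mss_exceeded(log_text)
    per_dest = Counter(f"{e['dst_ip']}/{e['dst_port']}" for e in events)
    return {
        "total": len(lines),
        "mss_exceeded": len(events),
        "ratio_percent": (100.0 * len(events) / len(lines)) if lines else 0.0,
        "max_data": max((e["data"] for e in events), default=0),
        "per_dest": dict(per_dest),
    }
```

The largest `data` value seen tells you what MSS the firewall would need to accept for these drops to stop, and the per-destination grouping shows whether one server or path is responsible.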