RE: Change MTU settings on Solaris 5.9

["Ryan, Neil (Mission Systems)" <Neil.Ryan () ngc com>]

Almost right.

The mtu in Solaris 9 is broken out into IPv4 and IPv6, so the command
should be:

# ndd -set /dev/tcp tcp_mss_max_ipv4 1460

You can query ndd by device as follows:

# ndd /dev/tcp \? 

This will show you all of the parameters you can read and/or write for
that device.

Good luck!

FYI - We had to drop our MTU on one box to 1300 to accommodate a
particular vpn scenario...


        -Neil 

-----Original Message-----
From: Cory Stoker [mailto:cory () clearnetsec com] 
Sent: Wednesday, October 12, 2005 8:03 PM
To: hpalmer () comsquared com; security-basics () securityfocus com
Subject: Re: Change MTU settings on Solaris 5.9

I think  this is what you need but I did not verify it on my Solaris box
beforehand:

disable PMTUD:
# ndd -set /dev/ip ip_path_mtu_discovery 0

set maximum MSS to 1460:
# ndd -set /dev/tcp tcp_mss_max 1460

You can enumerate the options to change by using ndd as well.

$ man ndd

---
Cory Stoker
ClearNet Security

On Oct 12, 2005, at 10:28 AM, hpalmer () comsquared com wrote:

> Recently a customer of ours has been having an issue w/ remote login 
> from multiple customers on there network.  Our company installed, 
> configured and setup A Sun Fire V250. The issue, there NetAdmin 
> states, "Our customers are not able to login to your /our Sun Box 
> because the MTU is at the default setting of 1500 and needs to be 1480

> or 1460."  This  I (System Database Admin) believe is totally wrong.  
> But to prove a point I would like to check the current settings and 
> make changes if needed.
> I read some where before that the changes could be made in /etc/ 
> networks/interfaces, but not able to locate that directory...
>
> any suggestions?
>
> Do or do not, there is no try. -Yoda.