Segmentist - Maximum Segment Size Test

This is a test site to check whether a given HTTP(S) service appears to respect Maximum Segment Size (MSS) restrictions.
Currently out of service, until I find time to port this tool to aya or libbpf-rs. (This message means that the input below doesn't work)
Warning: This tool is currently in early alpha state. There are still missing features, and incorrect results may appear. Help is appreciated!

What's MSS?

MSS is the maximum size a data packet can have in a TCP segment. A TCP segment is the payload contained within TCP, i.e. the packet size without OSI layer 2/3/4 headers. MSS can be advertised by hosts during the TCP handshake and is often 1460 bytes, because the maximum size of an IP data-packet is often 1500 bytes, and the IPv4 and TCP headers are ~40 bytes long, though this can vary depending on options.

About this tool

This tool (source on GitHub) allows you to test a certain server, identified by an URL, to check whether that host appears to honor the MSS advertised by a system. To do this, this tool advertises a fake MSS of 1000 bytes, even though the underlying network is capable of handling larger packets. We analyze raw network packets to check their sizes and then infer whether a host appears to honor the 1000 byte limit. 1000 bytes is much lower than what a usual network can handle, but it's also not unreasonably small.


Limitations