diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/router-path-selection.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/router-path-selection.md
index 3bf36d73f92..4bc8900f8bb 100644
--- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/router-path-selection.md
+++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/router-path-selection.md
@@ -42,6 +42,12 @@ interface Management1
| ------ | ----- |
| Dynamic peers source | STUN |
+#### TCP MSS Ceiling Configuration
+
+| IPV4 segment size | Direction |
+| ----------------- | --------- |
+| 200 | ingress |
+
#### Path Groups
##### Path Group PG-1
@@ -156,6 +162,7 @@ interface Management1
!
router path-selection
peer dynamic source stun
+ tcp mss ceiling ipv4 200 ingress
!
path-group PG-1 id 666
keepalive interval 200 milliseconds failure-threshold 3 intervals
diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/router-path-selection.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/router-path-selection.cfg
index 49a898a4f7e..55c1867cff8 100644
--- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/router-path-selection.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/router-path-selection.cfg
@@ -6,6 +6,7 @@ hostname router-path-selection
!
router path-selection
peer dynamic source stun
+ tcp mss ceiling ipv4 200 ingress
!
path-group PG-1 id 666
keepalive interval 200 milliseconds failure-threshold 3 intervals
diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/router-path-selection.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/router-path-selection.yml
index 9e44fff0eea..ead4f0c5950 100644
--- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/router-path-selection.yml
+++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/router-path-selection.yml
@@ -128,3 +128,5 @@ router_path_selection:
path_selection_policy: DPS-P-1
# testing VRF without path_selection_policy
- name: VRF-3
+ tcp_mss_ceiling:
+ ipv4_segment_size: 200
diff --git a/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/router-path-selection.md b/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/router-path-selection.md
index b3fc4a3cc59..eb093233202 100644
--- a/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/router-path-selection.md
+++ b/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/router-path-selection.md
@@ -59,6 +59,9 @@
| [ vrfs](## "router_path_selection.vrfs") | List, items: Dictionary | | | | |
| [ - name](## "router_path_selection.vrfs.[].name") | String | Required, Unique | | | VRF name. |
| [ path_selection_policy](## "router_path_selection.vrfs.[].path_selection_policy") | String | | | | DPS policy name to use for this VRF. |
+ | [ tcp_mss_ceiling](## "router_path_selection.tcp_mss_ceiling") | Dictionary | | | | |
+ | [ ipv4_segment_size](## "router_path_selection.tcp_mss_ceiling.ipv4_segment_size") | String | | | | Segment Size for IPv4.
Can be an integer in the range 64-65515 or "auto".
"auto" will enable auto-discovery which clamps the TCP MSS value to the minimum of all the direct paths
and multi-hop path MTU towards a remote VTEP (minus 40bytes to account for IP + TCP header). |
+ | [ direction](## "router_path_selection.tcp_mss_ceiling.direction") | String | | `ingress` | Valid Values:
- ingress
| Enforce on packets through DPS tunnel for a specific direction.
Only 'ingress' direction is supported. |
=== "YAML"
@@ -186,4 +189,15 @@
# DPS policy name to use for this VRF.
path_selection_policy:
+ tcp_mss_ceiling:
+
+ # Segment Size for IPv4.
+ # Can be an integer in the range 64-65515 or "auto".
+ # "auto" will enable auto-discovery which clamps the TCP MSS value to the minimum of all the direct paths
+ # and multi-hop path MTU towards a remote VTEP (minus 40bytes to account for IP + TCP header).
+ ipv4_segment_size:
+
+ # Enforce on packets through DPS tunnel for a specific direction.
+ # Only 'ingress' direction is supported.
+ direction:
```
diff --git a/ansible_collections/arista/avd/roles/eos_cli_config_gen/schemas/eos_cli_config_gen.jsonschema.json b/ansible_collections/arista/avd/roles/eos_cli_config_gen/schemas/eos_cli_config_gen.jsonschema.json
index 127ff9c7970..81fa17251e7 100644
--- a/ansible_collections/arista/avd/roles/eos_cli_config_gen/schemas/eos_cli_config_gen.jsonschema.json
+++ b/ansible_collections/arista/avd/roles/eos_cli_config_gen/schemas/eos_cli_config_gen.jsonschema.json
@@ -22186,6 +22186,30 @@
]
},
"title": "VRFs"
+ },
+ "tcp_mss_ceiling": {
+ "type": "object",
+ "properties": {
+ "ipv4_segment_size": {
+ "type": "string",
+ "description": "Segment Size for IPv4.\nCan be an integer in the range 64-65515 or \"auto\".\n\"auto\" will enable auto-discovery which clamps the TCP MSS value to the minimum of all the direct paths\nand multi-hop path MTU towards a remote VTEP (minus 40bytes to account for IP + TCP header).",
+ "title": "IPv4 Segment Size"
+ },
+ "direction": {
+ "type": "string",
+ "enum": [
+ "ingress"
+ ],
+ "default": "ingress",
+ "description": "Enforce on packets through DPS tunnel for a specific direction.\nOnly 'ingress' direction is supported.",
+ "title": "Direction"
+ }
+ },
+ "additionalProperties": false,
+ "patternProperties": {
+ "^_.+$": {}
+ },
+ "title": "TCP Mss Ceiling"
}
},
"additionalProperties": false,
diff --git a/ansible_collections/arista/avd/roles/eos_cli_config_gen/schemas/eos_cli_config_gen.schema.yml b/ansible_collections/arista/avd/roles/eos_cli_config_gen/schemas/eos_cli_config_gen.schema.yml
index f8593043122..bc1fb8a6985 100644
--- a/ansible_collections/arista/avd/roles/eos_cli_config_gen/schemas/eos_cli_config_gen.schema.yml
+++ b/ansible_collections/arista/avd/roles/eos_cli_config_gen/schemas/eos_cli_config_gen.schema.yml
@@ -12829,6 +12829,30 @@ keys:
path_selection_policy:
type: str
description: DPS policy name to use for this VRF.
+ tcp_mss_ceiling:
+ type: dict
+ keys:
+ ipv4_segment_size:
+ type: str
+ description: 'Segment Size for IPv4.
+
+ Can be an integer in the range 64-65515 or "auto".
+
+ "auto" will enable auto-discovery which clamps the TCP MSS value to
+ the minimum of all the direct paths
+
+ and multi-hop path MTU towards a remote VTEP (minus 40bytes to account
+ for IP + TCP header).'
+ convert_types:
+ - int
+ direction:
+ type: str
+ valid_values:
+ - ingress
+ default: ingress
+ description: 'Enforce on packets through DPS tunnel for a specific direction.
+
+ Only ''ingress'' direction is supported.'
router_pim_sparse_mode:
type: dict
keys:
diff --git a/ansible_collections/arista/avd/roles/eos_cli_config_gen/schemas/schema_fragments/router_path_selection.schema.yml b/ansible_collections/arista/avd/roles/eos_cli_config_gen/schemas/schema_fragments/router_path_selection.schema.yml
index a2c0431937e..dd2e675ac6d 100644
--- a/ansible_collections/arista/avd/roles/eos_cli_config_gen/schemas/schema_fragments/router_path_selection.schema.yml
+++ b/ansible_collections/arista/avd/roles/eos_cli_config_gen/schemas/schema_fragments/router_path_selection.schema.yml
@@ -237,3 +237,22 @@ keys:
path_selection_policy:
type: str
description: DPS policy name to use for this VRF.
+ tcp_mss_ceiling:
+ type: dict
+ keys:
+ ipv4_segment_size:
+ type: str
+ description: |-
+ Segment Size for IPv4.
+ Can be an integer in the range 64-65515 or "auto".
+ "auto" will enable auto-discovery which clamps the TCP MSS value to the minimum of all the direct paths
+ and multi-hop path MTU towards a remote VTEP (minus 40bytes to account for IP + TCP header).
+ convert_types:
+ - int
+ direction:
+ type: str
+ valid_values: ["ingress"]
+ default: ingress
+ description: |-
+ Enforce on packets through DPS tunnel for a specific direction.
+ Only 'ingress' direction is supported.
diff --git a/ansible_collections/arista/avd/roles/eos_cli_config_gen/templates/documentation/router-path-selection.j2 b/ansible_collections/arista/avd/roles/eos_cli_config_gen/templates/documentation/router-path-selection.j2
index 1bc36d1df87..6083373d3ba 100644
--- a/ansible_collections/arista/avd/roles/eos_cli_config_gen/templates/documentation/router-path-selection.j2
+++ b/ansible_collections/arista/avd/roles/eos_cli_config_gen/templates/documentation/router-path-selection.j2
@@ -15,6 +15,14 @@
| ------ | ----- |
| Dynamic peers source | {{ router_path_selection.peer_dynamic_source | upper }} |
{% endif %}
+{% if router_path_selection.tcp_mss_ceiling.ipv4_segment_size is arista.avd.defined %}
+
+#### TCP MSS Ceiling Configuration
+
+| IPV4 segment size | Direction |
+| ----------------- | --------- |
+| {{ router_path_selection.tcp_mss_ceiling.ipv4_segment_size }} | {{ router_path_selection.tcp_mss_ceiling.direction | arista.avd.default("ingress") }} |
+{% endif %}
{% if router_path_selection.path_groups is arista.avd.defined %}
#### Path Groups
diff --git a/ansible_collections/arista/avd/roles/eos_cli_config_gen/templates/eos/router-path-selection.j2 b/ansible_collections/arista/avd/roles/eos_cli_config_gen/templates/eos/router-path-selection.j2
index ba85dd1354e..15923e512ee 100644
--- a/ansible_collections/arista/avd/roles/eos_cli_config_gen/templates/eos/router-path-selection.j2
+++ b/ansible_collections/arista/avd/roles/eos_cli_config_gen/templates/eos/router-path-selection.j2
@@ -10,6 +10,13 @@ router path-selection
{% if router_path_selection.peer_dynamic_source is arista.avd.defined %}
peer dynamic source {{ router_path_selection.peer_dynamic_source }}
{% endif %}
+{% if router_path_selection.tcp_mss_ceiling.ipv4_segment_size is arista.avd.defined %}
+{% set tcp_mss_ceiling_cli = "tcp mss ceiling ipv4" %}
+{% if router_path_selection.tcp_mss_ceiling.ipv4_segment_size != "auto" %}
+{% set tcp_mss_ceiling_cli = tcp_mss_ceiling_cli ~ " " ~ router_path_selection.tcp_mss_ceiling.ipv4_segment_size %}
+{% endif %}
+ {{ tcp_mss_ceiling_cli }} {{ router_path_selection.tcp_mss_ceiling.direction | arista.avd.default("ingress") }}
+{% endif %}
{# path group #}
{% for path_group in router_path_selection.path_groups | arista.avd.natural_sort('name') %}
{% set path_group_def = "path-group " ~ path_group.name %}