TCP maximum segment size (MSS) adjustment can be used to clamp the MSS value that is sent during a TCP handshake. If the MSS option is not present, or is bigger than the configured value, then the firewall changes it to the configured value.
This is useful when a low-MTU link is used, such as during tunneling. If the MSS is changed to match the low MTU, IP layer packet fragmentation can be avoided, improving the performance of both the firewall and the end hosts.