6rd mtu issue
Posted: Thu Apr 08, 2021 3:43 pm
I'm trying to diagnose exactly what's wrong with the 6rd tunnel and connecting via IPv6 to certain sites. This is on Fusion x2 service.
Issue: browsing with Firefox to youtube.com or netflix.com is very slow or times out due to what appears to be dropped frames when they exceed the 6rd tunnel's MTU.
The issue exists with Chrome as well however Firefox seems to use "stickier" connections whereas Chrome will abandon slow IPv6 connections much faster. This causes the page to load but covers the issue up.
I think my router is properly configured. wan_stf has an MTU of 1480, igb0(WAN) has an MTU of 1500, the IPv6 default route has an MTU of 1480, and RADVD advertises a route with MTU of 1500 for the LAN. All of this seems correct. All ICMP is allowed to the router and systems on LAN net (IPv6).
I observe IPv6 TCP connections to netflix using an MSS of 1440 in both directions. Then some request is made on the client side and presumably the server responds with a full sized packet which never arrives. I would expect a router along the way to send an ICMPv6 packet too big message back to netflix but I can only assume this isn't happening. The connection stalls and after a long time RSTs.
With that observation, is Sonic blocking icmpv6 at some point in the network? Is path MTU discovery working as it should?
If I clamp MSS down to 1420 then everything works great with IPv6. Unfortunately I'm not sure how to permanently do that on my router without also clamping IPv4.
Issue: browsing with Firefox to youtube.com or netflix.com is very slow or times out due to what appears to be dropped frames when they exceed the 6rd tunnel's MTU.
The issue exists with Chrome as well however Firefox seems to use "stickier" connections whereas Chrome will abandon slow IPv6 connections much faster. This causes the page to load but covers the issue up.
I think my router is properly configured. wan_stf has an MTU of 1480, igb0(WAN) has an MTU of 1500, the IPv6 default route has an MTU of 1480, and RADVD advertises a route with MTU of 1500 for the LAN. All of this seems correct. All ICMP is allowed to the router and systems on LAN net (IPv6).
I observe IPv6 TCP connections to netflix using an MSS of 1440 in both directions. Then some request is made on the client side and presumably the server responds with a full sized packet which never arrives. I would expect a router along the way to send an ICMPv6 packet too big message back to netflix but I can only assume this isn't happening. The connection stalls and after a long time RSTs.
With that observation, is Sonic blocking icmpv6 at some point in the network? Is path MTU discovery working as it should?
If I clamp MSS down to 1420 then everything works great with IPv6. Unfortunately I'm not sure how to permanently do that on my router without also clamping IPv4.