IPv6 connectivity, via 6RD, extremely poor performance.

Internet access discussion, including Fusion, IP Broadband, and Gigabit Fiber!
13 posts Page 1 of 2
by nhbriggs » Tue Oct 11, 2022 9:07 pm
I have a 6RD tunnel set up on my Sonic-supported SR515ac router, using the instructions Sonic published at https://help.sonic.com/hc/en-us/article ... -IPv6-Tool, which had been working well for years.

Starting a couple of months ago, I noticed increasing delays retrieving web pages from hosts that are accessed via IPv6. If I turn off v6 on my Mac the pages are almost instantly retrievable via IPv4, but turn it back on and it's back to molasses.

Near as I can tell, it's taking a *looong* time to do the TLS handshake with the server, if it ever actually completes.
Is there some v6 performance issue in the way Sonic is connected to the world? I do not see this when doing the same test from other connection points on the net.

For example, from a non-Sonic host:

Code: Select all

% curl -6 'https://i.guim.co.uk/img/media/9037613144a28cb2df0d67bfc0c8f56318c7eab7/0_300_4600_2760/master/4600.jpg?width=620&quality=85&dpr=1&s=none' --output /tmp/foo.img
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 57507  100 57507    0     0   567k      0 --:--:-- --:--:-- --:--:--  578k
From my Sonic connected host:

Code: Select all

% curl -6 'https://i.guim.co.uk/img/media/9037613144a28cb2df0d67bfc0c8f56318c7eab7/0_300_4600_2760/master/4600.jpg?width=620&quality=85&dpr=1&s=none' --output /tmp/foo.img
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:--  0:03:01 --:--:--     0
curl: (35) LibreSSL SSL_connect: SSL_ERROR_SYSCALL in connection to i.guim.co.uk:443 
and from the same host using IPv4:

Code: Select all

% curl -4 'https://i.guim.co.uk/img/media/9037613144a28cb2df0d67bfc0c8f56318c7eab7/0_300_4600_2760/master/4600.jpg?width=620&quality=85&dpr=1&s=none' --output /tmp/foo.img
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 57507  100 57507    0     0   218k      0 --:--:-- --:--:-- --:--:--  217k
by nhbriggs » Tue Oct 11, 2022 9:09 pm
And just to show that it doesn't *always* fail, from the same Sonic connected mac a couple of minutes later --

Code: Select all

% curl -6 'https://i.guim.co.uk/img/media/9037613144a28cb2df0d67bfc0c8f56318c7eab7/0_300_4600_2760/master/4600.jpg?width=620&quality=85&dpr=1&s=none' --output /tmp/foo.img
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 57507  100 57507    0     0  13837      0  0:00:04  0:00:04 --:--:-- 13837
by kpabap » Tue Oct 18, 2022 1:43 pm
Wish I had anything helpful to add. I'm sitting around hoping native IPv6 will come to Sonic soon. It's causing me quite a bit of grief considering how awesome the company is otherwise, to not have something which other (megacorporation-level) ISPs have had for way over a decade and also which is more and more going to become completely non-optional to be able to fully access the Internet in general.
by kgc » Tue Oct 18, 2022 1:53 pm
If you have something on your end to terminate it, you might try the ipv6 tunnel service in place of 6rd.
Kelsey Cummings
System Architect, Sonic.net, Inc.
by nhbriggs » Wed Oct 26, 2022 4:03 pm
@kgc -- can you provide a link to a sonic document that describes their IPv6 tunnel offerings other than 6RD?
by kgc » Wed Oct 26, 2022 4:06 pm
See https://members.sonic.net/labs/ipv6tunnel/ it includes example configs.
Kelsey Cummings
System Architect, Sonic.net, Inc.
by nhbriggs » Sat Oct 29, 2022 1:44 pm
I've tracked down the apparent source of the problem: a content distribution network (fastly.net) that seems to have an IPv6 MTU problem. If I turn the MTU on my mac's ethernet interface down to 1472 then the problem goes away. Switching to an IPv6 tunnel instead of a 6RD configuration won't help this. I have a problem report open with a customer of Fastly's to raise the issue with Fastly.

I wish Sonic would provision native IPv6 on all the services (including resold AT&T ADSL) instead of relying on the 6RD or IPv6 tunnels for some.
by kgc » Mon Oct 31, 2022 10:59 am
That sounds like a PMTUD problem. Is there a chance your firewall is being aggressive on blocking ICMP?
Kelsey Cummings
System Architect, Sonic.net, Inc.
by willtam » Tue Nov 01, 2022 2:07 pm
@nhbriggs I found an IPv4/IPv6 MTU issue that may have contributed to the issues you were seeing with our 6RD service. This was fixed as of last night. If you are still seeing issues we would love to know that this wasn't the main problem.
Will
Sonic NOC
by nhbriggs » Mon Nov 07, 2022 9:19 am
@kgc -- no firewall other than the Sonic SR515ac residential gateway, over which I have no control as far as any IPv6 settings go (except for turning on the 6RD (or generic 6-in-4) tunnel). I would have expected that ICMP6 issues would show up at the Sonic IP/IP6 gateway that is the remote (to me) end of the 6-in-4/6RD tunnel.

@william -- nope, that hasn't made any difference, but thanks for looking.

I'm still debugging this with the Fastly and Fastly customer's reps.
13 posts Page 1 of 2

Who is online

In total there are 28 users online :: 2 registered, 0 hidden and 26 guests (based on users active over the past 5 minutes)
Most users ever online was 999 on Mon May 10, 2021 1:02 am

Users browsing this forum: Bing [Bot], Semrush [Bot] and 26 guests