[153241] in North American Network Operators' Group
Re: IPv6 day and tunnels
daemon@ATHENA.MIT.EDU (Cameron Byrne)
Sun Jun 3 22:00:00 2012
In-Reply-To: <4FCC11B2.2090405@ttec.com>
Date: Sun, 3 Jun 2012 18:59:13 -0700
From: Cameron Byrne <cb.list6@gmail.com>
To: Joe Maimon <jmaimon@ttec.com>
Cc: North American Networking and Offtopic Gripes List <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Sun, Jun 3, 2012 at 6:38 PM, Joe Maimon <jmaimon@ttec.com> wrote:
> Well, IPv6 day isnt here yet, and my first casualty is the browser on the
> wife's machine, firefox now configured to not query AAAA.
>
> Now www.facebook.com loads again.
>
> Looks like a tunnel mtu issue. I have not as of yet traced the definitive
> culprit, who is (not) sending ICMP too big, who is (not) receiving them,
> etc.
>
> www.arin.net works and worked for years. www.facebook.com stopped June 1.
>
> So IPv6 fixes the fragmentation and MTU issues of IPv4 by how exactly?
>
> Or was the fix incorporating the breakage into the basic design?
>
> In IPv4 I can make tunneling just work nearly all of the time. So I have to
> munge a tcp mss header, or clear a df-bit, or fragment the encapsulated
> packet when all else fails, but at least the tools are there. And on the
> host, /proc/sys/net
>
> In IPv6, it seems my options are a total throwback, with the best one
> turning the sucker off. Nobody (on that station) needs it anyways.
>
> Joe
>
#1 don't tunnel unless you really need to.
#2 see #1
#3 use happy eyeballs, http://tools.ietf.org/html/rfc6555, Chrome has
a good implementation, but this does not solve MTU issues.
#4 MSS hacks work at the TCP layer and still work regardless of IPv4 or IPv6.
#5 According to the IETF, MSS hacks do not exist and neither do MTU
issues http://www.ietf.org/mail-archive/web/v6ops/current/msg12933.html
PSA time: Please use http://test-ipv6.com/ and pass this good advice
around to the people you know.
Thanks,
Cameron
