Re: IPv6 day and tunnels

[Cameron Byrne <cb.list6 () gmail com>]

On Sun, Jun 3, 2012 at 6:38 PM, Joe Maimon <jmaimon () ttec com> wrote:
> Well, IPv6 day isnt here yet, and my first casualty is the browser on the
> wife's machine, firefox now configured to not query AAAA.
>
> Now www.facebook.com loads again.
>
> Looks like a tunnel mtu issue. I have not as of yet traced the definitive
> culprit, who is (not) sending ICMP too big, who is (not) receiving them,
> etc.
>
> www.arin.net works and worked for years. www.facebook.com stopped June 1.
>
> So IPv6 fixes the fragmentation and MTU issues of IPv4 by how exactly?
>
> Or was the fix incorporating the breakage into the basic design?
>
> In IPv4 I can make tunneling just work nearly all of the time. So I have to
> munge a tcp mss header, or clear a df-bit, or fragment the encapsulated
> packet when all else fails, but at least the tools are there. And on the
> host, /proc/sys/net
>
> In IPv6, it seems my options are a total throwback, with the best one
> turning the sucker off. Nobody (on that station) needs it anyways.
>
> Joe

#1 don't tunnel unless you really need to.

#2 see #1

#3 use happy eyeballs, http://tools.ietf.org/html/rfc6555, Chrome has
a good implementation, but this does not solve MTU issues.

#4 MSS hacks work at the TCP layer and still work regardless of IPv4 or IPv6.

#5  According to the IETF, MSS hacks do not exist and neither do MTU
issues http://www.ietf.org/mail-archive/web/v6ops/current/msg12933.html

PSA time:  Please use http://test-ipv6.com/ and pass this good advice
around to the people you know.

Thanks,

Cameron