[outages] HE IPv6 tunnel PMTU issues with juniper.net
Chuck Anderson
cra at WPI.EDU
Wed Oct 1 15:16:27 EDT 2014
On Wed, Oct 01, 2014 at 07:01:59PM +0000, Gary Gapinski via Outages wrote:
> On 10/01/2014 05:58 PM, Chuck Anderson via Outages wrote:
> >The Linux "/sbin/ip" command apparently can show mtu and advmss
> >(as seen in Google search results), but on my system it doesn't
> >show them. cat /proc/sys/net/ipv6/conf/<interface>/mtu does show
> >it though.
>
> Ditto mine (proc/sys/net/ipv6/conf/<interface>/mtu is 1480). ip does
> not cough up MTU.
>
> >Right. If you turn off the AdvLinkMTU option (or set it back to
> >1500) such that the initial SYN sets an MSS of 1440, do you then
> >have problems reaching www.juniper.net?
>
> No, which is a bit puzzling. WIth MTU at 1500 on LAN interface, TCP
> connect had outbound SYN with MSS 1420, return SYN ACK with MSS
> 1420. No related ICMPv6 seen. This was tried from a LAN device, not
> the edge router (i.e., the one with the tunnel).
I /think/ you may have to flush your routing table after changing
MTU--it seems the route cache maintains the per-destination MTU/MSS.
At one point I saw some extra routes with MTU 1280 in "/sbin/ip -6
route show".
More information about the Outages
mailing list