I have been running my tunnel with MTU 1480 over my company's primary internet connection without any problems. Now we had to use the fallback internet connection, and some IPv6 sites were unreachable. After some debugging and research I found out that the secondary internet connection uses an additional PPPoE layer, so lowering the MTU on both sides fixed the problem (now using 1460).
I was wondering what exactly happens in the erroneous state.
Large IPv6 packets (e.g., 1480 bytes) from servers reach the tunnel endpoint, and are encapsulated into IPv4 (1500 bytes), and then send over the IPv4-Internet to the provider of the second internet connection. Why are the IPv4 packets not fragmented there and reassembled in my router? Are the IPv4 packets send with "don't fragment" bit? Can I blame the second internet provider (or maybe HE?) for something, or is it completly my fault to have the wrong MTU size?
Maybe somebody can enlighten me...
Regards,
Thomas
There can be several answers, but the primary cause of your problem is that some dip... decided it would be better to turn OFF ICMP error messages on some intervening router, therefore breaking path-MTU-discovery.
Are you talking about ICMPv4 or ICMPv6? Since path MTU discovery is not strictly needed for IPv4 (should just be fragmented somewhere), the problem could only occur on the IPv6 side, not on the tunnel side. Correct?