Text only | Text with Images

Hurricane Electric's IPv6 Tunnel Broker Forums

Tunnelbroker.net Specific Topics => Questions & Answers => Topic started by: hlinden on November 07, 2014, 07:29:13 PM

Title: trouble connecting to any Google services from my HE tunnel
Post by: hlinden on November 07, 2014, 07:29:13 PM
Hi,

recently, I've had problems connecting to any of Google's services. After I saw the same problem mentioned on /r/ipv6, I decided to take a closer look at it.

Here's what happens about 50% of the time I try to access Google:

Code Select

curl -vvv https://www.google.de
* Rebuilt URL to: https://www.google.de/
* Hostname was NOT found in DNS cache
*   Trying 2a00:1450:4001:803::1017...
* Connected to www.google.de (2a00:1450:4001:803::1017) port 443 (#0)
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: none
* SSLv3, TLS handshake, Client hello (1):
* Unknown SSL protocol error in connection to www.google.de:443
* Closing connection 0
curl: (35) Unknown SSL protocol error in connection to www.google.de:443


...and here's the paket dump of that connection:

http://pastebin.com/Gs3uFrHE

Can someone make sense of that? What irritated me was line 43, packet #11 - "[TCP Previous segment not captured] Continuation Data". That looks like some packets get lost on the way from Google to my machine, right?
Title: Re: trouble connecting to any Google services from my HE tunnel
Post by: doktornotor on November 08, 2014, 02:59:29 AM
See this thread... https://forums.he.net/index.php?topic=3281.0

>:(
Title: Re: trouble connecting to any Google services from my HE tunnel
Post by: gnarlymarley on November 08, 2014, 07:44:56 AM
yeah, google is having an MTU issue around the MTU of 1233/1232, but also facebook might be having it too.  Weird since my MTU is 1480.  When I use a gogo6/freenet tunnel, no issues.  Almost leads me to believe there is a problem router that might be shared.

su-2.05b# ping6 -c1 -s 1233 2607:f8b0:400a:804::1016

--- 2607:f8b0:400a:804::1016 ping6 statistics ---
1 packets transmitted, 0 packets received, 100.0% packet loss

su-2.05b# ping6 -c1 -s 1232 2607:f8b0:400a:804::1016
1240 bytes from 2607:f8b0:400a:804::1016, icmp_seq=0 hlim=57 time=76.204 ms

--- 2607:f8b0:400a:804::1016 ping6 statistics ---
1 packets transmitted, 1 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 76.204/76.204/76.204/0.000 ms
su-2.05b#


su-2.05b# ping6 -c1 -s 1232 connect.facebook.com
1240 bytes from 2a03:2880:2110:9f07:face:b00c:0:1, icmp_seq=0 hlim=50 time=146.474 ms

--- star.c10r.facebook.com ping6 statistics ---
1 packets transmitted, 1 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 146.474/146.474/146.474/0.000 ms
su-2.05b# ping6 -c1 -s 1233 connect.facebook.com

--- star.c10r.facebook.com ping6 statistics ---
1 packets transmitted, 0 packets received, 100.0% packet loss

su-2.05b#



su-2.05b# traceroute6 -In 2607:f8b0:400a:804::1016
traceroute6 to 2607:f8b0:400a:804::1016 (2607:f8b0:400a:804::1016) 64 hops max, 16 byte packets
1  2001:470:1f04:170b::1  49.205 ms  44.331 ms  48.802 ms
2  2001:470:0:45::1  45.083 ms  48.799 ms  44.453 ms
3  2001:470:0:31::2  54.859 ms  52.193 ms  54.351 ms
4  2001:4860:1:1:0:1b1b:0:9  39.223 ms  48.358 ms  39.705 ms
5  2001:4860::1:0:7ea  40.715 ms  56.790 ms  54.985 ms
6  2001:4860::8:0:6117  47.454 ms  42.494 ms  45.142 ms
7  2001:4860::8:0:61e0  57.932 ms  61.962 ms 2001:4860::8:0:61e1  60.498 ms
8  2001:4860::8:0:699a  64.155 ms  60.690 ms 2001:4860::8:0:6999  62.446 ms
9  2001:4860::1:0:795  61.544 ms  65.149 ms  65.766 ms
10  2001:4860:0:1::1b1  69.083 ms  60.397 ms  61.938 ms
11  2607:f8b0:400a:804::1016  57.420 ms  60.011 ms  62.369 ms
su-2.05b# traceroute6 -In connect.facebook.com
traceroute6 to star.c10r.facebook.com (2a03:2880:2110:9f07:face:b00c:0:1) 64 hops max, 16 byte packets
1  2001:470:1f04:170b::1  46.632 ms  67.262 ms  39.369 ms
2  2001:470:0:45::1  40.633 ms  52.413 ms  49.940 ms
3  2001:470:0:30::2  44.920 ms  39.943 ms  49.306 ms
4  2001:470:0:34::2  52.340 ms  50.076 ms  49.866 ms
5  2001:504:0:3::209:1  49.885 ms  53.139 ms  76.774 ms
6  2001:428::205:171:3:68  119.749 ms  117.501 ms  117.406 ms
7  2001:428:c02:10:0:3a:0:2  110.102 ms  112.479 ms  112.341 ms
8  2620:0:1cff:dead:beef::404  114.874 ms  115.023 ms  122.363 ms
9  2620:0:1cff:dead:beef::ce  119.867 ms  117.706 ms  117.595 ms
10  2620:0:1cff:dead:beef::65d  119.491 ms  120.011 ms  115.007 ms
11  2620:0:1cff:dead:beee::25b  112.388 ms  115.040 ms  114.954 ms
12  * * *
13  2a03:2880:2110:9f07:face:b00c:0:1  116.027 ms  123.066 ms  112.346 ms
su-2.05b#

Title: Re: trouble connecting to any Google services from my HE tunnel
Post by: hlinden on November 08, 2014, 08:50:31 AM
The MTU problem makes sense, that's probably why a few packets didn't make it through.

The problem seems to be resolved on my end now, at least for google services.
Title: Re: trouble connecting to any Google services from my HE tunnel
Post by: hlinden on November 08, 2014, 08:59:06 AM
Quote from: hlinden on November 08, 2014, 08:50:31 AM

The problem seems to be resolved on my end now, at least for google services.

Welp, it isn't.
Text only | Text with Images