Strange missing HTTP packets with tunnel shared from 10.4 Mac

[croikle]

Greetings, everyone.
I've set up a tunnel on my gateway machine, a Mac running 10.4.11, and enabled sharing with rtadvd. On the client machine, this works fine for some sites: I get 10/10 for v6 at test-ipv6.com, for example. However, some other sites have issues. ip6.me fails to load, and a packet capture shows that the TCP handshake works, I send my HTTP request, and then I get back a packet with seq 1400 or so, where the HTML starts in the middle of the page. This seems to indicate that the first response packet got dropped somewhere.

Code Select Expand

e easy to remember url's:
<br>&nbsp;<br><a href="http://ip4.me">ip4.me</a> (defaults to IPv4 only test)
<br><a href="http://ip6.me">ip6.me</a>
<br><a href="http://whatismyv6.com">whatismyv6.com</a><br><a href="http://whatismyipv6address.com">whatismyipv6address.com</a>
</font></td></tr></table>
</center></body></html>


ip6.me (and everything else) works fine on the gateway. Here's a pcap from gif0 on the gateway which shows an attempt from the client to get ip6.me, and then a successful load on the gateway itself: http://www.filedropper.com/dump

ifconfig on gateway:

Code Select Expand


lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1280
tunnel inet 184.9.194.134 --> 209.51.181.2
inet6 fe80::20a:95ff:fece:bcd8%gif0 prefixlen 64 scopeid 0x2
inet6 2001:470:1f10:1048::2 --> 2001:470:1f10:1048::1 prefixlen 128
stf0: flags=0<> mtu 1280
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether 00:0a:95:ce:bc:d8
media: autoselect (100baseTX <full-duplex>) status: active
supported media: none autoselect 10baseT/UTP <half-duplex> 10baseT/UTP <full-duplex> 10baseT/UTP <full-duplex,hw-loopback> 100baseTX <half-duplex> 100baseTX <full-duplex> 100baseTX <full-duplex,hw-loopback>
en1: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet 10.0.2.1 netmask 0xffffff00 broadcast 10.0.2.255
inet6 fe80::20d:93ff:fe7d:8655%en1 prefixlen 64 scopeid 0x5
inet 192.168.1.91 netmask 0xffffff00 broadcast 192.168.1.255
inet6 2001:470:1f11:1048::1 prefixlen 64
ether 00:0d:93:7d:86:55
media: autoselect status: active
supported media: autoselect
fw0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 2030
lladdr 00:0a:95:ff:fe:ce:bc:d8
media: autoselect <full-duplex> status: inactive
supported media: autoselect <full-duplex>
gif1: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
ppp0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1492
inet 184.9.194.134 --> 10.51.1.1 netmask 0xffff0000


ifconfig on client:

Code Select Expand


lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
inet 127.0.0.1 netmask 0xff000000
gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
stf0: flags=0<> mtu 1280
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether 00:17:f2:d3:b6:7c
media: autoselect
status: inactive
fw0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 2030
lladdr 00:19:e3:ff:fe:72:8c:f2
media: autoselect <full-duplex>
status: inactive
en1: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether 00:19:e3:d7:54:11
inet6 fe80::219:e3ff:fed7:5411%en1 prefixlen 64 scopeid 0x6
inet 10.0.2.11 netmask 0xffffff00 broadcast 10.0.2.255
inet6 2001:470:1f11:1048:219:e3ff:fed7:5411 prefixlen 64 autoconf
media: autoselect
status: active
vboxnet0: flags=8842<BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether 0a:00:27:00:00:00

(lots of irrelevant stuff in those, but pasting it all just in case)

Any idea what's going wrong, and whether I can fix it?
Thanks!

[cholzhauer]

Are you running any sort of firewall?

[croikle]

I think I've got it turned off as much as I know how. ip6fw flush. Also disabled the v4 firewall and the firewall on the client, but no change.

Could there be MTU issues? It seems like larger packets are the ones with issues.

[croikle]

Ok, it does appear to be an MTU issue. When I change the en1 MTU to 1280 on the client, all these sites work fine, and if I change it back to 1500 they break again. I assume things were originally working on the gateway because it sends directly on gif0 with MTU 1280.

Good to have it working, though that does mean that clients need a little fiddling to be perfect. It would be nicer if everything could be autoconfigured.

Edit: aha, I can set mtu in rtadvd.conf, so clients don't need any special configuration. Excellent.