• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

[Connection Problems] [Hint: MTU] Reducing MTU for tunnel

Started by cmsigler, March 31, 2016, 01:52:25 PM

Previous topic - Next topic

cmsigler

Hi all,

I've been setting up my second tunnel recently and ran into a problem with connections to only some HTTP/HTTPS sites.

Running Wireshark showed (black) TCP or SSL frames with info "[TCP Previous segment not captured]".  "GET"s were not followed by "HTTP/1.1 200 OK"s.  With secure connections, "Client Hello"s were not followed by "Server Hello"s.  Failing HTTP connections showed "[TCP Previous segment not captured] [PSH, ACK]".  Most failing HTTPS connections showed "[TCP Previous segment not captured] Continuation Data".

A little searching found posts on these forums that said:

1.) Problems with MTU could give sometimes-failing connections with these symptoms; and,
2.) (Bought me a clue) Using "ping -s packetsize" could test for MTU problems.

My pings started failing below the default MTU of 1480 (proto-41 MTU maximum) so I concluded I was on to something :)  I've used without problems a SixXS AYIYA tunnel with a default MTU of 1280 (proto-41 MTU minimum).  So I decided to reduce my tunnelbroker MTU to 1280.

Voila!  Worked like a charm :D

I'm sure I could adjust the MTU upwards but I'm happy and decided to leave it set to 1280.

For anyone having problems:

1.) Go to your Tunnel Details page on tunnelbroker.net and click on the "Advanced" tab;
2.) Use the MTU slider under Tunnel Options to reduce your MTU and then click "Update";
3.) Tear down and restart your tunnel from scratch;
4.) Test and see if your connection problems are resolved.

HTH.

Clemmitt

javascu