Print

[KNBu5ZMdbR]

For the past few weeks, I've been having trouble connecting to yahoo mail.   Does anyone know what could be the problem?

I try this with HE IPv6 tunnel.  Nothing happens except a timeout after five minutes.

Code: [Select]

$ curl --verbose --verbose https://mail.yahoo.com
* Rebuilt URL to: https://mail.yahoo.com/
*   Trying 2001:4998:1c:800::1000...
* TCP_NODELAY set
* Connected to mail.yahoo.com (2001:4998:1c:800::1000) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* Operation timed out after 300156 milliseconds with 0 out of 0 bytes received
* stopped the pause stream!
* Closing connection 0
curl: (28) Operation timed out after 300156 milliseconds with 0 out of 0 bytes received

whereas if I do:

Code: [Select]

$ curl --verbose --verbose -4 https://mail.yahoo.comthe response is instantaneous.

A plain http://mail.yahoo.com over IPv6 (port 80) forwards immediately to https://mail.yahoo.com (port 443) which times out.  So http to yahoo over IPv6 is good.

I can get to other IPv6 sites just fine, he.net, youtube, google... with and without https.  ipv6foo on my browser verifies IPv6 connection usage.  I'm filling out this form with https://forums.he.net (port 443) and the site is quite responsive.

I've reproduced this problem on Windows, RHEL and Ubuntu.

[dittman]

I'm running into the same problem.  If I take the IPv6 tunnel down I have no problems.

This only started recently.

[dittman]

I added Yahoo's IPv6 block to my firewall's IPv6 block list (used to block Netflix's networks so I can watch videos on Netflix) and it's working now.  There's an issue between HE and Yahoo that still needs to be resolved but this works in the meantime.

Yahoo's IPv6 network is 2001:4998::/32.

[kriteknetworks]

Are they using Cogent for transit?

[tomkep]

No. I can see three routes to them (AS10310), one through NetAssist (AS29632) and two through HE (AS6939).

This could be an issue with PMTU discovery. Please check your MTU setting on both tunnel ends and if needed - lower it to match your physical interface MTU minus IPv4 header.

[dittman]

The MTU on the tunnel is 1480 and the MTU of the physical interface is 1500.

[dittman]

I just removed the 2001:4998::/32 from my firewall's IPv6 block list and can get to Yahoo Mail now.  So whatever was causing the issue appears to have been fixed in the past 12 days.

[dittman]

I just removed the 2001:4998::/32 from my firewall's IPv6 block list and can get to Yahoo Mail now.  So whatever was causing the issue appears to have been fixed in the past 12 days.

And the issue is back.

[KNBu5ZMdbR]

Same here.  Is there a way to open a trouble ticket with HE?  They might be in a position to help get the routing or whatever corrected.

[snarked]

As of yesterday, I’m seeing this also, but only from my Windows 10 laptop.  My iPad gets there fine.  Strange.  Maybe a record caching issue?

[justinowens]

I have been seeing this same issue as well for about 2 months.  Adding Yahoo's IP range to my outbound blocklist fixed it.  Connected via Ashburn server.

I added Yahoo's IPv6 block to my firewall's IPv6 block list (used to block Netflix's networks so I can watch videos on Netflix) and it's working now.  There's an issue between HE and Yahoo that still needs to be resolved but this works in the meantime.

Yahoo's IPv6 network is 2001:4998::/32.

[broquea]

From submitted tickets and internal tests, MTR/ping/traces show that packets are delivered to Yahoo nodes without loss. Native IPv6 is connecting without issue to service ports at the destination. Over tunneled connections, MTR works, however Yahoo is not responding at the service level regardless of MTU tuning. I've sent them an email detailing this, but since packets are clearly being delivered to their network, they've likely got some issues to sort out on their side.

If their users haven't already, I recommend also contacting them directly since this appears to be an issue with their service and not us delivering packets over the network.

[dittman]

From submitted tickets and internal tests, MTR/ping/traces show that packets are delivered to Yahoo nodes without loss. Native IPv6 is connecting without issue to service ports at the destination. Over tunneled connections, MTR works, however Yahoo is not responding at the service level regardless of MTU tuning. I've sent them an email detailing this, but since packets are clearly being delivered to their network, they've likely got some issues to sort out on their side.

If their users haven't already, I recommend also contacting them directly since this appears to be an issue with their service and not us delivering packets over the network.

I haven't had a problem with Yahoo lately, so perhaps they found the issue and have fixed it.