pay.gov and IPv6
JORDI PALET MARTINEZ
jordi.palet at consulintel.es
Mon Nov 21 07:51:16 UTC 2016
Tested again from four different networks. Not working for me.
Same in other web sites hosted by 1&1 (for example www.legalveritas.es). All their IPv6 web sites are broken, every time I need to access their web sites, need to disable IPv6, I know how to do that, but regular folks not.
tbit from 2001:df0:4:4000::1:115 to 2001:8d8:100f:f000::2d5
server-mss 1420, result: pmtud-fail
app: http, url: http://diskmakerx.com/
[ 0.010] TX SYN 64 seq = 0:0
[ 0.286] RX SYN/ACK 64 seq = 0:1
[ 0.286] TX 60 seq = 1:1
[ 0.297] TX 233 seq = 1:1(173)
[ 0.573] RX 60 seq = 1:174
[ 0.799] RX 1480 seq = 1:174(1420)
[ 0.799] RX 73 seq = 1421:174(13)
[ 0.799] RX 1480 seq = 1434:174(1420)
[ 0.799] RX 1480 seq = 2854:174(1420)
[ 0.799] TX PTB 1280 mtu = 1280
[ 0.799] RX 1480 seq = 4274:174(1420)
[ 0.799] RX 1480 seq = 5694:174(1420)
[ 0.799] RX 1480 seq = 7114:174(1420)
[ 0.801] RX 1480 seq = 8534:174(1420)
[ 0.809] TX 60 seq = 174:1
[ 0.821] RX 1480 seq = 9954:174(1420)
[ 0.824] RX 1480 seq = 11374:174(1420)
[ 1.628] RX 1480 seq = 1:174(1420)
[ 1.629] TX PTB 1280 mtu = 1280
[ 3.288] RX 1480 seq = 1:174(1420)
[ 3.288] TX PTB 1280 mtu = 1280
[ 6.612] RX 1480 seq = 1:174(1420)
[ 6.612] TX PTB 1280 mtu = 1280
[ 13.252] RX 1480 seq = 1:174(1420)
Regards,
Jordi
-----Mensaje original-----
De: Mark Andrews <marka at isc.org>
Responder a: <marka at isc.org>
Fecha: lunes, 21 de noviembre de 2016, 1:26
Para: Carl Byington <carl at five-ten-sg.com>
CC: <jordi.palet at consulintel.es>, <nanog at nanog.org>
Asunto: Re: pay.gov and IPv6
In message <1479686835.13553.4.camel at ns.five-ten-sg.com>, Carl Byington writes:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> On Sun, 2016-11-20 at 10:51 +0100, JORDI PALET MARTINEZ wrote:
> > For example, you will not get this working if you have a lower MTU
> > than 1.500, which is quite normal, not just for tunnels, but also
> > because the PPP/others encapsulation in many access links:
>
> > http://diskmakerx.com/
>
> curl -6 -v http://diskmakerx.com/
>
> That works here via an he.net tunnel. Perhaps 1and1 fixed something.
And the advertised MSS was what? On my box I'm seeing 1220 for
IPv6 compared with 1460 for IPv4. 1220 shouldn't see PMTU problems.
1460 on the other hand will cause problems as more clients are
forced behind IPv4 as a service links.
11:14:50.056215 IP 172.30.42.121.52280 > 217.160.0.214.80: Flags [S], seq 2115844511, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 538455715 ecr 0,sackOK,eol], length 0
11:14:50.137770 IP6 2001:470:a001:4:c00d:3d8c:14e7:6de3.52282 > 2001:8d8:100f:f000::2d5.80: Flags [S], seq 4181372812, win 65535, options [mss 1220,nop,wscale 4,nop,nop,TS val 538455793 ecr 0,sackOK,eol], length 0
Mark
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.14 (GNU/Linux)
>
> iEYEAREKAAYFAlgyOp4ACgkQL6j7milTFsFslACfaRbslKuUHrxGJyuI+j8X/Sle
> AZ8AoIg2wF/GWBdDtphQSuD9/gGMDfOA
> =4nAp
> -----END PGP SIGNATURE-----
>
>
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
**********************************************
IPv4 is over
Are you ready for the new Internet ?
http://www.consulintel.es
The IPv6 Company
This electronic message contains information which may be privileged or confidential. The information is intended to be for the use of the individual(s) named above. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, including attached files, is prohibited.
More information about the NANOG
mailing list