WIndows Updates Fail Via IPv6 - Update!
Mark Tinka
mark.tinka at seacom.mu
Sun Mar 3 10:31:11 UTC 2019
Hi all.
Just an update on this... it did turn out to be an MTU issue which I've
been working on since last year, November. The trick was finding the
right combination of settings between my Mikrotik home router and one of
our Cisco ASR1006 edge routers in my backbone that terminates the 6-in-4
tunnel.
After testing this at the office, I was, then, sure that the problem was
MTU-related as it only occurred at my house.
My FTTH service is delivered over GPON, and after a bit of testing,
concluded that my MTU for IPv4 is 1,452 bytes. Across the 6-in-4 tunnel,
the tested MTU is 1,232 for IPv6.
The Mikrotik will not pass any IPv6 traffic if the 6-in-4 tunnel does
not have the minimum default MTU for IPv6, i.e., 1,280 bytes (even if
the tunnel cannot actually transport 1,280 byte-sized packets). This is
not documented anywhere, so it took a while to figure out.
On the Cisco, you can't configure an IPv6 interface MTU lower than 1,280
bytes... but that is within the standard IPv6 spec., so no major drama.
So the right combination of settings is to have 1,280 bytes on the
Mikrotik and enable "ipv6 tcp adjust-mss 1232" on the Cisco (the latter
for my specific case - yours may vary depending on your IPv4 conditions).
Just wanted to update this thread in case someone else runs into this issue.
Thanks for the clue, Mikael and all.
Mark.
On 13/Nov/18 12:38, Mark Tinka wrote:
>
> On 12/Nov/18 20:34, Mikael Abrahamsson wrote:
>
>>
>>
>> Are you doing TCP MSS adjust/clamping? If you don't, try that and see
>> if it helps. This might be a PMTUD issue.
>>
>> Otherwise if possible, try lowering the MTU sent in RA to the one you
>> have on your tunnel (this depends on if this is available to you in
>> your RA sending device).
> Thanks, Mikael.
>
> I'll have a sniff and see of this helps.
>
> Mark.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20190303/16dd9dc9/attachment.html>
More information about the NANOG
mailing list