fp.o content via IPv6
Mike McGrath
mmcgrath at redhat.com
Wed Sep 9 13:20:34 UTC 2009
On Tue, 8 Sep 2009, Allen Kistler wrote:
> In case other 6to4 clients can't figure out why fp.o is beyond their
> reach over IPv6, here's some fixing I did to make access to fp.o over
> 6to4 work for me.
>
> I hadn't had a problem with hanging connections to other IPv6 sites, but
> I have for fp.o. I heard from Mike M on IRC that others had reduced
> their MTU to get 6to4 to work with fp.o.
>
> Starting there, my eventual solution was to put the following in the
> mangle table in ip6tables on my 6to4 router (all one line, of course):
>
> -A FORWARD -o tun6to4 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS
> --clamp-mss-to-pmtu
>
> 6to4 has an MTU of 1480 for most people, but 1472 for DSL. Probably
> something isn't generating an ICMP packet-too-big to send back to fp.o
> when the link MTU drops. Alternatively the packet could be getting
> dropped in transit or ignored by fp.o. Of course, clamping MSS in
> ip6tables only works for TCP.
>
ipv6 has caused a lot of problems for certain people, very non-obvious,
takes several hours to fix problems. I wonder if there's anything more we
can do on our end.
-Mike
More information about the Fedora-infrastructure-list
mailing list