PMTUD broken with

Daniel Roesen dr at
Wed Feb 2 22:45:03 CET 2011

On Wed, Feb 02, 2011 at 07:47:38AM -0500, Jared Mauch wrote:
> I want to get the broken network elements fixed.  If you see any in
> the NTT network, please let me know as I want to solve it.

Not really your network, but your customer.

It looks like PMTUD is broken on - folks with
MTU 1500 IPv6 access have no problems, but I'm behind a tunnel at home,
but not doing MSS clamping, so advertising MSS=1440. Net result looks
like "something" is prolly filtering the ICMP frag needed packets from
the tunnel broker.

Forward path: SixXS broker at AS8422 -> AS1299 -> NTT -> JNPR

 14   182 ms   182 ms   182 ms [2001:418:0:2000::366]
 15   183 ms   182 ms   196 ms [2001:418:9800:5000::6]
 16     *        *        *     Request timed out.

Source IP within 2001:4dd0:fea5::/48

If you have contacts for IPv6 firewalls at JNPR, would be nice to get in
touch with them sorting that out. Cannot be that they completely filter
ICMP for s3cUriTy? :-P

Best regards,

CLUE-RIPE -- Jabber: dr at -- dr at IRCnet -- PGP: 0xA85C8AA0

More information about the ipv6-ops mailing list