Test your connectivity for World IPv6 Day
frnkblk at iname.com
Tue Jun 7 19:17:36 CEST 2011
If a host is behind a firewall that filters ICMPv6 messages and the person
managing the host can't change/fix the firewall, then yes, temporarily
lowering the hosts MTU makes sense. While working to get that firewall
reconfigured or fixed.
From: ipv6-ops-bounces+frnkblk=iname.com at lists.cluenet.de
[mailto:ipv6-ops-bounces+frnkblk=iname.com at lists.cluenet.de] On Behalf Of
Sent: Tuesday, June 07, 2011 10:11 AM
To: Tore Anderson
Subject: Re: Test your connectivity for World IPv6 Day
A tunnel supporting less than 1500 must indeed return ICMP PTB messages like
But if the source host has a firewall that filters inbound ICMPv6 messages,
this becomes this host's problem.
It becomes also a problem of hosts it communicates with although these hosts
have no responsibility in the problem.
This host avoids the problem if it works with an "effective MTU for sending"
of 1280 for off-link destinations, except for paths where PMTUD has detected
> I refuse to work
> around their defective network by crippling the MTU for all my visitors.
In my understanding, it isn't a problem of defective ISP network.
It is a problem of uncertain effectiveness, so far, of PMTUD (worse in UDP
than in TCP, and aggravated where some firewalls unduly filter ICMPv6
> What MTU do you recommend for IPv4 servers, by the way? 576 or 68?
As you of course know, despite this ironic question, the problem comes up in
IPv6 because routers can no longer fragment packets.
More information about the ipv6-ops