www.eftps.gov contact
Darren Pilgrim
darren at bluerosetech.com
Wed Dec 19 03:52:00 CET 2012
On 2012-12-18 12:45, Andre Grueneberg wrote:
> Darren Pilgrim wrote:
>> On 2012-12-18 07:24, Jared Mauch wrote:
>>> Seems to work for me.. perhaps a local ipv6 issue for you?
>> The issue occurs at multiple sites connected to different ISPs.
>> Some sites get IPv6 via 6in4, some are native dual-stack. I have
>> one host where I can reach port 80 over IPv6, but not port 443. I'm
>> fairly sure this is a path MTU issue on EFTPS' end.
>
> Lately I've experienced a similar issue where the ICMPv6 PTB didn't make
> it's way back due to some Juniper (SSG) firewall having the screening
> option for "big ICMP" packets enabled. This feature is a total no-go if
> you'd like to have working IPv6.
>
> Anyway, I can reach the site, so probably it's a local issue of yours?!
It's broken PMTUD due to their or First Data's equipment blocking all
ICMPv6. Two of my sites are behind 6in4 tunnels. They can make the
initial TCP connection, but not load the page. Forcing IPv4-only on
www.eftps.gov is the only workaround until I can get native IPv6.
More information about the ipv6-ops
mailing list