www.eftps.gov contact

Brian E Carpenter brian.e.carpenter at gmail.com
Wed Dec 19 09:46:15 CET 2012


On 19/12/2012 02:52, Darren Pilgrim wrote:
> On 2012-12-18 12:45, Andre Grueneberg wrote:
>> Darren Pilgrim wrote:
>>> On 2012-12-18 07:24, Jared Mauch wrote:
>>>> Seems to work for me.. perhaps a local ipv6 issue for you?
>>> The issue occurs at multiple sites connected to different ISPs.
>>> Some sites get IPv6 via 6in4, some are native dual-stack.  I have
>>> one host where I can reach port 80 over IPv6, but not port 443.  I'm
>>> fairly sure this is a path MTU issue on EFTPS' end.
>>
>> Lately I've experienced a similar issue where the ICMPv6 PTB didn't make
>> it's way back due to some Juniper (SSG) firewall having the screening
>> option for "big ICMP" packets enabled. This feature is a total no-go if
>> you'd like to have working IPv6.
>>
>> Anyway, I can reach the site, so probably it's a local issue of yours?!
> 
> It's broken PMTUD due to their or First Data's equipment blocking all
> ICMPv6.  Two of my sites are behind 6in4 tunnels.  They can make the
> initial TCP connection, but not load the page.  Forcing IPv4-only on
> www.eftps.gov is the only workaround until I can get native IPv6.

Really? Can't you set the MTU to 1280? That should fix it.

    Brian



More information about the ipv6-ops mailing list