I can fetch the header of websites via IPv6 but not the webpage, why?

Hannes Frederic Sowa hannes at stressinduktion.org
Mon Jan 20 14:58:35 CET 2014

On Mon, Jan 20, 2014 at 11:59:39AM +0100, Tore Anderson wrote:
> Or, even better, get rid of the tunneling crap and get native IPv6. This
> is a very common problem for IPv6 tunnels. As a web site operator I
> would actually prefer it if people stayed IPv4-only until their ISP
> could provide them with properly supported IPv6 connectivity. Oh well...

Tunnels should actually work fine and icmp rate limiting should take
place per destination (or on a /64 boundary). Either someone messed up
their filters or we have a software bug (maybe we should just introduce
a netfilter target which does mid-path fragmentation of IPv6 packets :P ).

We had some pretty significant bugs in pmtud in linux which were fixed some
while ago:


But they have not yet been integrated in all the vendor's kernel.

Especially on heavy loaded servers we need some way to ensure longer pmtu
lifetimes in the routing table.  Currently they can easily get evacuated
too fast if lots of IPv6 flows hit a linux end host and should hold on
at least the minimal time the administrator had configured.



More information about the ipv6-ops mailing list