Understood - thank you. So DF provokes the detection of the weakest link
for MTU discovery.
So a bit of digging and development is necessary if I wish to have that
option available in the luci GUI. Complex?
The weird thing in this setup is that the IPv4 PMTU is 1480 all the way.
It's only at IPv6 layer the PMTU is reduced. possibly something similar
occuring at IPv6. Is it possible something unusual is happening in 6in4
or lower?
On 2021-11-04 23:04, Nathan Lutchansky wrote:
On 11/4/21 11:52 AM, Paul D wrote:
Having a bit of IPv6 6in4 problem. I set a static MTU to 1480 locally
and remotely (HE tunnel).
As I interpret the RFC [1] as referenced by overarching RFC [2], it
notes:
> When using the static tunnel MTU, the Don't Fragment bit MUST NOT be
> set in the encapsulating IPv4 header. As a result, the encapsulator
> should not receive any ICMPv4 "packet too big" messages as a result
> of the packets it has encapsulated.
But pcaps clearly show in the IPv4 packet:
> Flags: 0x40, Don't fragment
> 0... .... = Reserved bit: Not set
> .1.. .... = Don't fragment: Set
> ..0. .... = More fragments: Not set
Is this considered normal IPv6 tunneling behaviour? Or is this broken?
This is normal for Linux. Since forcing routers to perform fragmentation
mid-path is a huge performance hit, Linux uses path MTU discovery to
determine the real MTU of the tunnel, and then generates
fragmentation-needed errors at the tunnel ingress if the outer packet
would be too large for the path.
_______________________________________________
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
