Not able to connect to some website
-
@jeff_wuyo The maximum MTU for WAN-Interface is 1500 bytes (Ethernet maximum MTU size). With PPPoE connections, the PPPoE header increases the frame size by 8 bytes, so must lower the MTU to 1492.
You can test it with it, if it still doesn't work then set the MSS value additionally to 1452 or 1432. -
Nope, didn't work. I set MTU to 1492 on WAN, MyPC just falls back to IPv4. Pure IPv6 site e.g. v6.facebook.com just can't connect. I can't ping using IPv6. Setting MSS to 1452 or 1432 doesn't help either.
Here's some test I run.
@nonick said in Not able to connect to some website:
The maximum MTU for WAN-Interface is 1500 bytes
If that's so, why am I seeing package length way over 1500 when I setup my network as Modem/Router? Is wireshark just showing sum of multiple packages? (I should mention the Modem/Router is provided by my ISP, it's using PPPoE as well.) Here is an example.
-
@jeff_wuyo said in Not able to connect to some website:
I set my MTU 6000 on both WAN and LAN.
Well no wonder your having issues.. That is just borked..
-
@jeff_wuyo said in Not able to connect to some website:
I set my MTU 6000 on both WAN and LAN.
While you can do what you want on your own LAN, you should go with what your ISP requires on the WAN side.
-
@nonick said in Not able to connect to some website:
(Ethernet maximum MTU size)
Not any more. That ended with frame expansion in the late '90s and these days jumbo frames of several KB are possible.
-
@jknott said in Not able to connect to some website:
jumbo frames of several KB are possible.
While this is true - I highly doubt all his devices on his lan are using jumbo of 6000.. Devices like printer and for sure any iot normally have zero support for jumbo.
And typical nics/drivers support only a couple of sizes..
What I will say is pulling some arbitrary number like 6000 out of the air and setting your mtu to that is going to cause you grief that is for sure..
-
@jknott said in Not able to connect to some website:
Not any more. That ended with frame expansion in the late '90s and these days jumbo frames of several KB are possible.
That's right, I wrote on the WAN interface.
The maximum MTU for WAN-Interface is 1500 bytes
-
If one sets a DHCP server to provide whatever MTU size, wouldn't the device accept that value? I know there will be issues with WiFi. BTW, I've been around long enough to remember when 576 was a common MTU size.
-
@jknott said in Not able to connect to some website:
provide whatever MTU size, wouldn't the device accept that value?
No there is nothing saying they would even look or accept such values. Look at windows and search domain as perfect example. So option 119 of dhcp allows for assigning search domains, but not until windows 10 in a later build did windows accept such an option.
Just because dhcp server offers the ability to hand out some option, doesn't mean clients would request or even accept an option. And stuff like iot devices normally have base min to "work" in their network stack anyway..
Using non standard frame sizes is something that can really mess up a network if not all the devices are setup and validated to use and understand these non standard frame sizes. Just because say the switch will pass them, doesn't mean the device is smart enough to leverage or use them..
And sure and the hell wouldn't use 6000?
Can pretty much promise you issues he is seeing is related to such settings.. If anything PPPoE connection most likely would want something lower than the standard 1500 because of the overhead..
I would suggest he moves his lan back to 1500, and then get with his ISP for the proper setup for his wan connection.. A common pppoe mss clamp size is like 1452.. But for optimal working with his ISP he should contact them for proper setup.
-
After I reset pfSense, and did a new setup, the issue still remain. I can't connect to archlinux.org via IPv6.
@johnpoz said in Not able to connect to some website:
I would suggest he moves his lan back to 1500, and then get with his ISP for the proper setup for his wan connection.. A common pppoe mss clamp size is like 1452.. But for optimal working with his ISP he should contact them for proper setup.
I agree, I should consult my ISP for help. I left MTU and MSS default. Will it related to PMTUD no working? The last result might be using pfSense in transparent mode. I've never tested it yet.
Another issue is ICMP req always failed (tested using ipv6-test.com), even I allow it on WAN interface. This didn't happen on my last configuration, which is pretty much the same as this one except I left DHPCv6 enable. I think I disable DHCPv6 last time, MyPC use RDNSS instead. I'm scratching my head off.