IPv6 and forum.pfsense.org
-
Since enabling IPv6 via 6rd after upgrading to pfSense 2.2, the only site I've noticed problems with is, ironically, this one (forum.pfsense.org).
Safari on OS X and iOS often hangs when trying to load this site. Refreshing the page usually makes it load properly. Looking at the tables on the router leads me to believe the hangs occur when Safari tries to connect using IPv6 and the refresh causes it to retry with IPv4.
I initially had a rule to pass all ICMPv6 but am now just relying on the built-in ICMPv6 rules. Either way I have issues with this site. I may end up putting a host override for forum.pfsense.org in DNS so my clients aren't aware of the IPv6 address.
The only other difference I can think of is that reverse DNS will work for my IPv4 NAT address but not for my IPv6 address.
Any suggestions?
-
Yes. Set your WAN MTU/MSS to something like 1460/1440 (or 1452/1432 if it's PPPoE).
-
Good idea, I will play around with the MTU. I am using PPPoE and the default IPv4 MTU of 1492.
The routing tables make it look like the IPv6 MTU is 1280. Perhaps I'm misinterpreting this.
-
Damnit, accidentally deleted my reply. See https://redmine.pfsense.org/issues/2762
-
In the message you deleted (which I happened to see before it went away) you also mentioned 2674, so I had a look at router advertisements.
My radvd is advertising a MTU of 1500. When I make it advertise 1280 I can't reproduce the original problem. I'll need to test some more.
-
There's really no point in dropping MTU to 1280 on LAN.
