Persistently Change RADVD AdvLinkMTU?
-
I unfortunately have to use a 6rd tunnel with my ISP for IPv6. Something seems rotten in their network regarding Path MTU Discovery but I'm not 100% sure yet. I've already asked them about it but haven't heard anything back. It could be other networks. I've allowed all ICMP in firewall rules on my side.
I think my best option is to change AdvLinkMTU in radvd.conf but I don't know how to keep the changes persistent across reboots. When I tested this by changing the config and killall -HUP radvd, the sites I have trouble with on IPv6 worked great.
I don't want to change LAN's MTU to be lower as that would affect IPv4 as well.
No, I don't want to use MSS clamping as the current UI option affects IPv4 as well and does nothing for UDP.
I was thinking the patches package might work but if someone has another suggestion, please share it.
I considered opening a request for a UI option but someone already did and it was rejected: https://redmine.pfsense.org/issues/8695
-
Path MTU is mandatory with IPv6. This means the largest MTU that's usable over the entire path is automatically determined, so you don't have to set anything, beyond the MTU on your local LAN. If you are connected with ADSL, you might change the LAN MTU to reflect that, otherwise 1500 is normally used.
-
@darkcrucible I have the same problem. Here's the patch I've been using for a while. Set Strip Count "0" and Base Directory "/".
--- /etc/inc/services.inc.orig 2017-10-19 09:51:44.000000000 -0400 +++ /etc/inc/services.inc 2017-10-25 09:23:00.062171000 -0400 @@ -128,6 +128,7 @@ } $mtu = get_interface_mtu($realif); + $mtu = 1280; if (is_numeric($mtu)) { $radvdconf .= "\tAdvLinkMTU {$mtu};\n"; } else {Edited to add: I'm still running 2.4.5-p1 where 6rd is hard coded to MTU 1280. When I upgrade to 2.5.X I might try a bigger value.
-
@dem Thank you for this! This should save me some time finding the code behind this configuration file. 2.5.x did indeed bump the MTU to 1480 in most cases. https://redmine.pfsense.org/issues/6377
@JKnott I agree. The advertised MTU should be 1500 on the LAN because that's what it is and PMTUD should take care of the rest. Since I think this is an ISP problem, my only recourse is to get another ISP and my position to do so is not strong. The downside with lowering the advertised MTU is IPv6 LAN-to-LAN connections use the lower MTU when they don't have to. Other options (particularly lowering the LAN MTU) have even more downsides. So I'm left with this as the least bad option.
-
Just in case someone finds this hack useful, the following is the patch I used on 2.5.0. It will only do what is intended (hardcode advertised MTU to 1480) if "Use same settings as DHCPv6 server" is unchecked under the Router Advertisements configuration settings.
src/etc/inc/services.inc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/etc/inc/services.inc b/src/etc/inc/services.inc index a3203aaaf7..1c63272ca1 100644 --- a/src/etc/inc/services.inc +++ b/src/etc/inc/services.inc @@ -130,7 +130,8 @@ function services_radvd_configure($blacklist = array()) { $radvdconf .= "\tAdvDefaultLifetime {$dhcpv6ifconf['raadvdefaultlifetime']};\n"; } - $mtu = get_interface_mtu($realif); + /*$mtu = get_interface_mtu($realif);*/ + $mtu = 1480; if (is_numeric($mtu)) { $radvdconf .= "\tAdvLinkMTU {$mtu};\n"; } else {
