Re: pf and fragmented IPv6 packets

2009-12-15 Thread Todd T. Fries
Penned by Joakim Aronius on 20091215 8:47.29, we have: | * Todd T. Fries (t...@fries.net) wrote: | > Must is there, granted. For IPSec tunnels encapsulating IPv6 inside IPv4, | > there are tricky problems that were looked at during n2k9 but not solved | > that prevent the proper icmp6 too big mes

Re: pf and fragmented IPv6 packets

2009-12-14 Thread Joakim Aronius
* Todd T. Fries (t...@fries.net) wrote: > Must is there, granted. For IPSec tunnels encapsulating IPv6 inside IPv4, > there are tricky problems that were looked at during n2k9 but not solved > that prevent the proper icmp6 too big message from being sent with the > proper source address to match t

Re: pf and fragmented IPv6 packets

2009-12-11 Thread Todd T. Fries
Must is there, granted. For IPSec tunnels encapsulating IPv6 inside IPv4, there are tricky problems that were looked at during n2k9 but not solved that prevent the proper icmp6 too big message from being sent with the proper source address to match the VPN config so it might make it back to the pr

Re: pf and fragmented IPv6 packets

2009-12-11 Thread Joakim Aronius
* Stuart Henderson (s...@spacehopper.org) wrote: > On 2009/12/11 14:14, Joakim Aronius wrote: > > Could someone please hit me with a clue stick if I am wrong here... > > If there is a tunnel reducing the MTU then the tunnel endpoint should > > send an ICMPv6 packet too big to the sender. > > You can

Re: pf and fragmented IPv6 packets

2009-12-11 Thread Stuart Henderson
On 2009/12/11 14:14, Joakim Aronius wrote: > Could someone please hit me with a clue stick if I am wrong here... > If there is a tunnel reducing the MTU then the tunnel endpoint should > send an ICMPv6 packet too big to the sender. You can't rely on "should".

Re: pf and fragmented IPv6 packets

2009-12-11 Thread Joakim Aronius
* Stuart Henderson (s...@spacehopper.org) wrote: > On 2009-12-10, Jonas Thambert wrote: > > Like a month ago we got a complaint from a user that our website > > was unreachable over IPv6. We have 2x Native IPv6 transits. The user > > had bought IPv6 from an ISP that uses tunneling to deliver it > >

Re: pf and fragmented IPv6 packets

2009-12-10 Thread Todd T. Fries
Penned by Jonas Thambert on 20091210 9:39.33, we have: | Like a month ago we got a complaint from a user that our website | was unreachable over IPv6. We have 2x Native IPv6 transits. The user | had bought IPv6 from an ISP that uses tunneling to deliver it | to the organization. After some packet t

Re: pf and fragmented IPv6 packets

2009-12-10 Thread Stuart Henderson
On 2009-12-10, Jonas Thambert wrote: > Like a month ago we got a complaint from a user that our website > was unreachable over IPv6. We have 2x Native IPv6 transits. The user > had bought IPv6 from an ISP that uses tunneling to deliver it > to the organization. After some packet traces we found out

Re: pf and fragmented IPv6 packets

2009-12-10 Thread Jonas Thambert
Thanks Rod for your input. We use pf as a firewall, and when we get the user's IPv6 packets they are already fragmented. Native IPv6 and Teredo tunnels do not get fragmented on the way to us. I will read up on your links ;) // Jonas > I have an IPv6 over IPv4 connection. I once had two, one

Re: pf and fragmented IPv6 packets

2009-12-10 Thread Rod Whitworth
On Thu, 10 Dec 2009 09:39:33 +0100, Jonas Thambert wrote: >Like a month ago we got a complaint from a user that our website >was unreachable over IPv6. We have 2x Native IPv6 transits. The user >had bought IPv6 from an ISP that uses tunneling to deliver it >to the organization. After some packet tr

pf and fragmented IPv6 packets

2009-12-10 Thread Jonas Thambert
Like a month ago we got a complaint from a user that our website was unreachable over IPv6. We have 2x Native IPv6 transits. The user had bought IPv6 from an ISP that uses tunneling to deliver it to the organization. After some packet traces we found out that the problem was in PF and that it doesn'