<div dir="ltr">So, I finally managed to get it up. My IPv6 tunnel that is. While I can bring the tunnel up, <a href="http://test-ipv6.com">test-ipv6.com</a> gives me a passing grade, I can connect to many sites via IPv6 (e.g. <a href="http://ipv6.google.com">ipv6.google.com</a>), and I've been able to ping pretty much any v6 connected host without issue. The thing is I'm not able to connect to all v6 sites (using my browser). Sites that I'm unable to connect to include things that I "know" work such as <a href="http://pfsense.org">pfsense.org</a>, <a href="http://doc.pfsense.org">doc.pfsense.org</a>, <a href="http://freebsd.org">freebsd.org</a>, and others.<div>
<br></div><div>Below is a simplified diagram of my network. Aside from what's shown there are a few wireless access points, some wireless clients, and various VMs running on VMWare Workstation 9 on the Windows 7 workstation.</div>
<div><br></div><div><font face="courier new, monospace"> CenturyLink</font></div><div><font face="courier new, monospace"> (PPPoE, dyn IP)</font></div><div><font face="courier new, monospace"> ^</font></div><div>
<font face="courier new, monospace"> |</font></div><div><font face="courier new, monospace"> v</font></div><div><font face="courier new, monospace"> ZyXel Q100</font></div><div><font face="courier new, monospace">VDSL modem/bridge</font></div>
<div><div><font face="courier new, monospace"> ^</font></div><div><font face="courier new, monospace"> |</font></div><div><font face="courier new, monospace"> v</font></div></div><div><font face="courier new, monospace"> pfSense 2.0-rc0</font></div>
<div><font face="courier new, monospace"> (sigmund)</font></div><div><div><font face="courier new, monospace"> ^</font></div><div><font face="courier new, monospace"> |</font></div><div><font face="courier new, monospace"> v</font></div>
</div><div><font face="courier new, monospace"> 10/100 ethernet</font></div><div><font face="courier new, monospace"> switch</font></div><div><font face="courier new, monospace"> (WRT54GS running</font></div><div><font face="courier new, monospace"> DD-WRT)</font></div>
<div><div><font face="courier new, monospace"> ^</font></div><div><font face="courier new, monospace"> |</font></div><div><font face="courier new, monospace"> v</font></div></div><div><font face="courier new, monospace">Windows 7 Workstaion</font></div>
<div><font face="courier new, monospace"> (drogon)</font></div><div><font face="courier new, monospace"><br></font></div><div><font face="arial, helvetica, sans-serif">I did some chatting with a few people in #ipv6 (irc://<a href="http://irc.freenode.org/ipv6">irc.freenode.org/ipv6</a>). The prevailing theory is that my issues are related to an MTU mismatch. The way I understand it is that PMTU is mandatory in IPv6. I'm not all that familiar with tunneling to begin with and in this particular setup there are more layers than I care for (PPPoE, and a 6in4 to HE). </font></div>
<div><font face="arial, helvetica, sans-serif"><br></font></div><div><font face="arial, helvetica, sans-serif">Sigmund, my pfSense box, it's a Dell Latitude D620 laptop with an onboard Broadcom gigabit NIC (bge driver) facing my LAN, and a DEC/Intel 21143 CardBus NIC (dc driver) on the WAN side attached to my DSL bridge which is operating as a transparent bridge (RFC 1483). This setup has been up and running flawlessly for months.</font></div>
<div><font face="arial, helvetica, sans-serif"><br></font></div><div><font face="arial, helvetica, sans-serif">As for interfaces I have "CENTURYLINK" (aka WAN) connected to PPPOE0(dc0), LAN connected to bge0, DSLBRIDGE (aka OPT1 that allows me to connect to the DSL bridge's web interface) connected to bge0, and HEv6 connected to the GIF tunnel.</font></div>
<div><font face="arial, helvetica, sans-serif"><br></font></div><div>Prior to my work on this tunnel all my MTUs have been untouched, left at their default 1500 and everything has worked fine. After discovering the issue of not being able to connect to some sites via v6 I started playing around with the MUTs on various interfaces. Occasionally I was able to successfully connect via v6 to some of the sites that I had previously been unable to browse to. If memory serves things worked when I set the MTU on my HEv6 interface to the minimum allowed for IPv6 1280. The part that confuses the hell out of me is that it wouldn't work all the time. Sometimes I could connect, the next time the connection timed out.</div>
<div><br></div><div>I'm pretty new to IPv6. I'm entirely unfamiliar with PMTU and MSS so at a certain point I'm just making random changes and seeing what happens (I kind of feel like a kid with a fork and an electrical outlet).</div>
<div><br></div><div>Is there anyone out there that might be able to give me some idea of where I should go from here? I'd appreciate any help that you can give.</div><div><br></div><div>Thanks for your time.</div><div>
<br></div><div>Adam</div></div>