I've recently set up a 6in4 IPv6 tunnel via Hurricane Electric, following the guide at https://openwrt.org/docs/guide-user/network/ipv6/ipv6tunnel-luci
or https://openwrt.org/docs/guide-user/network/ipv6/ipv6_henet
It mostly works, but I have noticed what seems to be an MTU discrepancy.
The default MTU is showing in LuCI as 1280, and is not set in my config file, but the MTU as configured by the HE tunnel broker is 1480.
I think that's the likely cause of these ICMP6 complaints I see when watching the tunnel with tcpdump while experimenting to see if Verizon Wireless's WiFi calling works over pure IPv6 (addresses redacted)
14:14:36.169105 IP6 2001:VZW:IPV6::ADDR > 2001:IPHONE:HOME::ADDRESS: ESP(spi=0x0df106b2,seq=0xfe), length 1396
14:14:36.169335 IP6 2001:IFACE:ADDR::1 > 2001:VZW:IPV6::ADDR: ICMP6, packet too big, mtu 1280, length 1240
So:
- I should configure the 6in4 with
network.wan6.mtu='1480'
to match? Or is it better to change the tunnel size at HE to 1280? If I'm going to run VPN ingress over this tunnel (at least for experiments--more likely that makes no long term sense, better to have the ingress over the native IPv4 from the ISP), does it matter which MTU I choose? - Do those wiki pages need an update to indicate that the MTU should be configured to match the tunnel (as seen on the tunnel's advanced tab at HE)?
root@LEDE:~# ifconfig 6in4-wan6
6in4-wan6 Link encap:IPv6-in-IPv4
inet6 addr: 2001:REDACTED::2/64 Scope:Global
inet6 addr: fe80::REDACTED/64 Scope:Link
UP POINTOPOINT RUNNING NOARP MTU:1280 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
root@LEDE:~# ubus call system board
{
"kernel": "5.4.143",
"hostname": "LEDE",
"system": "ARMv7 Processor rev 0 (v7l)",
"model": "Netgear Nighthawk X4S R7800",
"board_name": "netgear,r7800",
"release": {
"distribution": "OpenWrt",
"version": "21.02.0",
"revision": "r16279-5cc0535800",
"target": "ipq806x/generic",
"description": "OpenWrt 21.02.0 r16279-5cc0535800"
}
}
root@LEDE:~# uci show network.wan6
network.wan6=interface
network.wan6.proto='6in4'
network.wan6.peeraddr='209.51.161.14'
network.wan6.ip6addr='2001:REDACTED::2/64'
network.wan6.ip6prefix='2001:REDACTED::/48'
network.wan6.tunnelid='REDACTED'
network.wan6.username='REDACTED'
network.wan6.password='REDACTED'